In this guide, we’ll walk through the steps to install MongoDB securely on an Ubuntu 24.04.1 server. We will configure it to allow access only to specific users and bind it to certain IP addresses for added security. This ensures your database is well-protected against unauthorized access.

Prerequisites

  • An Ubuntu 24.04.1 server with root access or a user with sudo privileges.
  • Basic knowledge of the terminal and command line operations.

Step-by-Step Installation

  1. Update the Package Index Start by updating the package index to ensure you have the latest information on available packages:

    sudo apt update

  2. Install Required Packages Next, install curl and GnuPG, which are necessary for adding the MongoDB repository:

    sudo apt install curl gpg

  3. Import the MongoDB Public Key Download the MongoDB public GPG key and save it for package verification:

    curl -fsSL https://www.mongodb.org/static/pgp/server-8.0.asc | \
sudo gpg -o /usr/share/keyrings/mongodb-server-8.0.gpg --dearmor

  4. Add MongoDB Repository Add the MongoDB repository to your APT sources list:

    echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-8.0.gpg ] https://repo.mongodb.org/apt/ubuntu noble/mongodb-org/8.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-8.0.list

  5. Update Package Index Again After adding the repository, update the package index again:

    sudo apt update

  6. Install MongoDB Now, install MongoDB using the following command:

    sudo apt install -y mongodb-org

  7. Start MongoDB Service Start the MongoDB service to begin using it:

    sudo systemctl start mongod

  8. Enable MongoDB to Start on Boot Configure MongoDB to start automatically on system boot:

    sudo systemctl enable mongod

  9. Check MongoDB Service Status Verify that the MongoDB service is running correctly:

    sudo systemctl status mongod

  10. Access the MongoDB Shell Launch the MongoDB shell to create an admin user:

    mongosh

  11. Create an Admin User Switch to the admin database and create an admin user (replace yourusername and yourpassword with your chosen credentials):

    use admin
db.createUser({
  user: 'yourusername',
  pwd: 'yourpassword',
  roles: [{ role: 'userAdminAnyDatabase', db: "admin" }]
})

  12. Exit MongoDB Shell Exit the MongoDB shell after creating the user:

    exit

Step 2: Secure MongoDB Configuration

  1. Edit the MongoDB Configuration File Open the MongoDB configuration file to modify the binding and authentication settings:

    sudo nano /etc/mongod.conf

    In this file, you will need to:

    • Bind MongoDB to localhost and your specific IP address:

      bind_ip: 127.0.0.1,your_server_ip

    • Enable authentication:

      security:
  authorization: enabled

  2. Restart MongoDB Service After saving your changes, restart the MongoDB service to apply the new configuration:

    sudo systemctl restart mongod

Step 3: Configure Firewall Rules

  1. Enable UFW Firewall To enhance the security of your server, enable UFW (Uncomplicated Firewall):

    sudo ufw enable

  2. Allow Specific IP Address for MongoDB Access Allow access to MongoDB from a specific IP address (replace 36.XXX.XXX.XXX with your actual IP):

    sudo ufw allow from 36.XXX.XXX.XXX to any port 27017

  3. Check UFW Status Finally, verify your firewall rules to ensure everything is set up correctly:

    sudo ufw status

    You should see output similar to this:

    Status: active

To                         Action      From
--                         ------      ----
27017                      ALLOW       36.XXX.XXX.XXX

Conclusion

You have successfully installed MongoDB on Ubuntu 24.04.1 and configured it to be secure by allowing access only to specified users and IP addresses. This setup helps protect your database from unauthorized access while still enabling the necessary connectivity for your applications.

As always, keep your MongoDB version up to date and monitor your server for any unauthorized access attempts. Happy coding!