zaremate/eggs
1
0
Fork 0
mirror of https://github.com/pelican-eggs/eggs.git synced 2025-10-31 17:08:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs: updated MongoDB readme to add some notes about security

Browse Source
This commit is contained in:
MAXOUXAX 2022-10-29 15:01:47 +02:00
parent 0df96b7d45
commit 04dcb56d9b
1 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
database/nosql/mongodb/README.md
View File

@ -8,6 +8,25 @@ MongoDB is a general purpose, document-based, distributed database built for mod
To disable the message about free monitoring you can run `db.disableFreeMonitoring()`.
## Security
By default, MongoDB **does not enforce access control**, meaning that even if you set an admin username and password in the settings of your Pterodactyl server, **anyone will be able to connect to the database without authentication**, and perform any operation.
> :warning: This is why we recommend to expose your MongoDB database only to your local network, if possible
### Notes specific to the MongoDB 6 egg
The [MongoDB 6 egg](./egg-mongo-d-b6.json) enables access control by default in the `mongod.conf` file, meaning that even if people will be able to connect to your database as guests, [they will not be able to perform any operation, apart from nonhazardous commands](https://dba.stackexchange.com/a/292175)
### :warning: If you know what you are doing, and you really want to disable access control, you can do so by editing the `mongod.conf` file
```yaml
security:
authorization: "disabled"
```
> To learn more about MongoDB security, you can read the [MongoDB Security Checklist](https://www.mongodb.com/docs/manual/administration/security-checklist/#security-checklist)
## Minimum RAM warning
MongoDB requires approximately 1GB of RAM per 100.000 assets. If the system has to start swapping memory to disk, this will have a severely negative impact on performance, and should be avoided.