I have a MongoDB server, which I have enabled auth on. I want to enable anonymous access (full read/write access) if someone tries to authenticate on my server locally (meaning if someone SSH into the server and write mongo
or if an application uses mongodb://localhost:27017/DATABASE
). If someone tries to authenticate from outside the network, it should not be allowed to, unless the person has an user (created using db.createUser()
).
How do I do that?
Best Answer
I'm afraid what you are looking to do is not possible (likely because it is a very poor security practice in general). There is a Localhost Exception which exists to allow the initial set up of auth etc. on a new server, but once you have auth set up (which you do), it no longer applies.