Watch keynotes and sessions from MongoDB.live, our virtual developer conference.

mongoDB service error after changing port

My test database got hacked recently because i was using default port, so i dropped all the collections and users and created a new user, changed the port. Then the mongoDB service just couldn’t start.

    mongod.service - MongoDB Database Server
       Loaded: loaded (/lib/systemd/system/mongod.service; enabled; vendor preset: enabled)
       Active: failed (Result: exit-code) since Tue 2020-06-23 01:25:52 UTC; 7s ago
         Docs: https://docs.mongodb.org/manual
      Process: 22420 ExecStart=/usr/bin/mongod --config /etc/mongod.conf (code=exited, status=48)
     Main PID: 22420 (code=exited, status=48)
    
    Jun 23 01:25:52 MongoCorev3 systemd[1]: Started MongoDB Database Server.
    Jun 23 01:25:52 MongoCorev3 mongod[22420]: 2020-06-23T01:25:52.535+0000 I CONTROL  [main] Automatically disabling TLS 1.0, to force-enable TLS 1.0 specify --sslDisabledProtocols 'none'
    Jun 23 01:25:52 MongoCorev3 systemd[1]: mongod.service: Main process exited, code=exited, status=48/n/a
    Jun 23 01:25:52 MongoCorev3 systemd[1]: mongod.service: Failed with result 'exit-code'.

MongoDb config:

    storage:
      dbPath: /var/lib/mongodb
      journal:
        enabled: true
    #  engine:
    #  mmapv1:
    #  wiredTiger:
    
    # where to write logging data.
    systemLog:
      destination: file
      logAppend: true
      path: /var/log/mongodb/mongod.log
    
    # network interfaces
    net:
      port: 23396
      bindIp: 127.0.0.1,188.166.240.2
    
    
    # how the process runs
    processManagement:
      timeZoneInfo: /usr/share/zoneinfo
    
    security:
      authorization  : enabled

Firewall :

    To                         Action      From
    --                         ------      ----
    22/tcp                     LIMIT       Anywhere                  
    80/tcp                     ALLOW       Anywhere                  
    443/tcp                    ALLOW       Anywhere                  
    27017                      REJECT      Anywhere                  
    23396                      ALLOW       Anywhere                  
    22/tcp (v6)                LIMIT       Anywhere (v6)             
    80/tcp (v6)                ALLOW       Anywhere (v6)             
    443/tcp (v6)               ALLOW       Anywhere (v6)             
    27017 (v6)                 REJECT      Anywhere (v6)             
    23396 (v6)                 ALLOW       Anywhere (v6)

Hello,
Please post the output of the logfile.

Moreover, i am not sure if simply changing the port will prevent someone from hacking your database again.

Thanks
R

Hi, where can i find the logfile you mention ?
Also, i literally fresh created a DigitalOcean server for 3 Days with mongoDB and its hacked. During that time my port was default port and bindIp. So is mongoDB really that easy to get hacked ? What should I do as i really can’t find any reliable up-to-date tutorial online that show up how to set up a proper mongoDB ourself. Thanks

From your configuration file your log file is

/var/log/mongodb/mongod.log

Try university.mongodb.net.

:wave: Hi @Chen_Haur and welcome to the community forums.

I would start with the MongoDB Security Checklist.

1 Like