11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog

IAN LONDON'S BLOG

How to connect to your remote MongoDB server

I have MongoDB running on my Ubuntu server in Amazon EC2. Since there’s no simple
all-in-one tutorial out there explaining how to set up user authentication for Mongo
so that you can read and write to your MongoDB server from your laptop, I decided to
write one.

If you haven’t installed MongoDB yet, follow the steps at

https://docs.mongodb.com/manual/tutorial/install-mongodb-on-ubuntu/ rst.

1. Set up your user

First ssh into your server and enter the mongo shell by typing mongo . For this
example, I will set up a user named ian and give that user read & write access to the
cool_db database.

use cool_db

db.createUser({
user: 'ian',
pwd: 'secretPassword',
roles: [{ role: 'readWrite', db:'cool_db'}]
})

2. Enable auth and open MongoDB access up to all IPs

Edit your MongoDB con g le. On Ubuntu:

sudo vim /etc/mongod.conf

Look for the net line and comment out the bindIp line under it, which is
currently limiting MongoDB connections to localhost:

Warning: do not comment out the bindIp line without enabling authorization.
Otherwise you will be opening up the whole internet to have full admin access to all
mongo databases on your MongoDB server!

# network interfaces
net:
https://ianlondon.github.io/blog/mongodb-auth/ 1/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog
port: 27017
# bindIp: 127.0.0.1 <- comment out this line

Scroll down to the #security: section and add the following line. Make sure to
un-comment the security: line.

security:
authorization: 'enabled'

3. Open port 27017 on your EC2 instance

Go to your EC2 dashboard: https://console.aws.amazon.com/ec2/
Go to Instances and scroll down to see your instance’s Security Groups. Eg, it
will be something like launch-wizard-4
Go to Netword & Security -> Security Groups -> Inbound tab -> Edit button.
Make a new Custom TCP on port 27017, Source: Anywhere, 0.0.0.0/0

4. Last step: restart mongo daemon (mongod)

sudo service mongod restart

Make sure you can still log in with mongo while ssh’d into the box.

If anything goes wrong, look at the log: tail -f /var/log/mongodb/mongod.log (note:

non-Ubuntu machines will keep the log in another directory…)

Logging in using the mongo shell on your laptop

You can close out of ssh and go back to your local console. To enter the remote Mongo
database we just set up, you can use the mongo shell:

mongo -u ian -p secretPassword 123.45.67.89/cool_db

Where 123.45.67.89 is your server’s public IP address.

Now you can read and write within the cool_db database from your laptop without
ssh !

Using pymongo with your remote MongoDB server

import pymongo

client = pymongo.MongoClient("mongodb://ian:secretPassword@123.45.67.89/cool_db") #

https://ianlondon.github.io/blog/mongodb-auth/ 2/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog

db = client.cool_db

# print the number of documents in a collection

print db.cool_collection.count()

And that’s it!

How to connect to your remote MongoDB server was published on May 23, 2016.

Comments Community 🔒 Privacy Policy  Ava

 Recommend 9 t Tweet f Share Sort by Best

⚠ Ian London's Blog requires you to verify your email address ×

before posting. Send verification email to omondiy@gmail.com

Join the discussion…

Ahmed Khan • 3 years ago • edited

instead of commenting bindIp use bindIp: 0.0.0.0 to give
remote access.
30 △ ▽ • Reply • Share ›

Matt Fletcher > Ahmed Khan • 3 years ago

The post should really be amended with this
information. You're a lifesaver, thanks
19 △ ▽ • Reply • Share ›

Magna > Ahmed Khan • 2 months ago

I wasted hours on this. Thank you.
△ ▽ • Reply • Share ›

johni pires rodrigues > Ahmed Khan • a year ago

Thanks, it is working now
△ ▽ • Reply • Share ›

Giri > Ahmed Khan • 2 years ago

Hi,

I want to access the Mongo DB from remote. I added

bindIp: 0.0.0.0 and saved the /etc/mongod.conf and
tried to restart the service
https://ianlondon.github.io/blog/mongodb-auth/ 3/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog
tried to restart the service.

Redirecting to /bin/systemctl restart mongod.service

Job for mongod.service failed because the control
process exited with error code. See "systemctl status
mongod.service" and "journalctl -xe" for details.

Please help to fix the issue and to access DB Remotely.

Thanks,
Giri.
△ ▽ • Reply • Share ›

Gamesicks > Ahmed Khan • 2 years ago

You can use --bind_ip_all
△ ▽ • Reply • Share ›

Sakthikanth J > Ahmed Khan • 2 years ago

Thank You
△ ▽ • Reply • Share ›

Sadeep Weerasinghe > Ahmed Khan • 2 years ago

thank you , works now
△ ▽ • Reply • Share ›

Alfredo Lara > Ahmed Khan • 3 years ago

effectively with this specific configuration allows to
remotely connect to the mongo server. Thanks. Good
article.
△ ▽ • Reply • Share ›

yuzhong huang > Ahmed Khan • 3 years ago

I was stuck by it for hours. Thank you sir! They must
changed some codes recently cause most of the posts
said just to comment it out.
△ ▽ • Reply • Share ›

Raymart P. Medroso > Ahmed Khan • 3 years ago

You're a lifesaver dude! Thanks so much!!
△ ▽ • Reply • Share ›

Syllia Mêhou-Loko > Ahmed Khan • 3 years ago

Oh My Savior!!!
△ ▽ • Reply • Share ›

Bin Shi > Ahmed Khan • 3 years ago

Inneed Thanks for your help!
https://ianlondon.github.io/blog/mongodb-auth/ 4/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog
Inneed. Thanks for your help!
△ ▽ • Reply • Share ›

Nilesh Moodley • 3 years ago

Thanks for the great article. As an alternative, seeing as you
already have SSH access, a more secure method is to use an
SSH tunnel instead of opening up all ports on your remote
instance. By keeping the IP bound to localhost on the remote
mongod.conf, create the tunnel to the remote instance by
running the following on your local machine: ssh -N -f -L
27018:127.0.0.1:27017 <user>@<ip_address>. Then connect
to the remote instance from your local machine using: mongo -
u ian -p secretPassword --port 27018. The redirection will be
handled using the SSH protocol, which is a more secure
alternative. Hope this helps!
3△ ▽ • Reply • Share ›

Robin Linh > Nilesh Moodley • 2 years ago

Hi Nilesh can I ask if I can use this SSH tunnel method
to connect to mongodb with a module like pymongo or
mongodb in Nodejs?
2△ ▽ • Reply • Share ›

Muhammad Ikhsan > Nilesh Moodley • 4 months ago

I believe, using pymongo it would be like this
client =
pymongo.MongoClient("mongodb://ian:secretPassword@l

△ ▽ • Reply • Share ›

Andrey Tsanko > Nilesh Moodley • 7 months ago

This is a much better solution, Thanks
△ ▽ • Reply • Share ›

Shivank > Nilesh Moodley • 2 years ago

Cool!
△ ▽ • Reply • Share ›

Matt Barlow > Nilesh Moodley • 3 years ago

^ this.
△ ▽ • Reply • Share ›

Zohair Abbas Hadi • 10 months ago

Can someone help me, I'm trying to connect mongodb with
local server made with ktor and don't understand a way to do it.
△ ▽ • Reply • Share ›
https://ianlondon.github.io/blog/mongodb-auth/ 5/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog

Ekramul Islam • 10 months ago

nice
△ ▽ • Reply • Share ›

Ilya Zub • a year ago

I was able to connect to the remote DB by specifying its name
at the end of the connection. This part: `/ cool_db`.

Before your post, I've tried to connect for three hours. Thank
you.
△ ▽ • Reply • Share ›

Rahul Banerjee • a year ago

I am only getting the following upon putting in the code sudo
vim /etc/mongod.conf per step 2
""/etc/mongod.conf" [New File] "
△ ▽ • Reply • Share ›

ONE TWO • 2 years ago

Before change bindIp, need to ifentify which config file
mondogDB load. using "sudo systemctl status mongodb" to
find which mongodb.conf was loaded.
However, thank your post, I could connect mongodb remotely.
△ ▽ • Reply • Share ›

Raphaël • 2 years ago • edited

Thanks for this nice article. I have a suggestion though.

As recommended on mongo security checklist

(https://docs.mongodb.com/ma..., you should encrypt
communication.

Exposing unencrypted endpoint to the internet makes your

system vulnerable to eavesdropping on the connection and
man-in-the-middle attacks.

As an alternative, one can use preconfigured sass services such

as https://www.mongodb.com/clo... .
△ ▽ • Reply • Share ›

Nissim Mahesh Kurle • 2 years ago

Hey i created a user with the above steps i am getting
"errmsg" : "not authorized on users to execute command
△ ▽ • Reply • Share ›

Zagrafe • 2 years ago

i
https://ianlondon.github.io/blog/mongodb-auth/ i i d d i i f ili h i 6/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog
nice one. I am trying on windows and it is failing: the server is
windows server and the client windows 10.

I couldn't find the configuration file on windows

△ ▽ • Reply • Share ›

Rafael Valero • 3 years ago

Great post!. Thank you very much for sharing that. I found that
instead of commenting bindIp use bindIp: 0.0.0.0 to give
remote access, as mentioned in previous comments. Also you
do not need to create a new user: http://incredulosanonimos.b...
△ ▽ • Reply • Share ›

Muhammed Eren Özyürür • 3 years ago

Thank you, buddy. That was pretty helpful for me. Special
thanks.
△ ▽ • Reply • Share ›

Junho Park • 3 years ago

Thanks! nice post
△ ▽ • Reply • Share ›

Lee Mordell • 3 years ago

Sooooo useful. Thanks so much!
△ ▽ • Reply • Share ›

Pablo Moraga • 3 years ago • edited

Start your remote mongoDB server with --bind_ip_all option,
that's all

Ex.
mongod --dbpath=data --bind_ip_all
😁😁😁
△ ▽ • Reply • Share ›

Ralphlegrand • 3 years ago

Can anyone help? When I run this code in my mongo terminal:
'mongo -u bla -p passbla 123.45.67.89/cool_db'

I am having an error stating:

[thread1] SyntaxError: missing ; before statement @(shell):1:9
△ ▽ • Reply • Share ›

Francesco • 3 years ago

Very useful article, thanks!
△ ▽ • Reply • Share ›
https://ianlondon.github.io/blog/mongodb-auth/ 7/8
11/18/2020 How to connect to your remote MongoDB server – Ian London's Blog

lokesh soni • 3 years ago

unable to make changes in /etc/mongod.conf
△ ▽ • Reply • Share ›

lokesh soni > lokesh soni • 3 years ago

its done...we have to do it from root
△ ▽ • Reply • Share ›

The Prince • 3 years ago

Beautiful. Thanks
△ ▽ • Reply • Share ›

Senthil World • 3 years ago

Such a great and crispy article... Tons of thanks dude
△ ▽ • Reply • Share ›

Victor Kurauchi • 3 years ago

good one man! thanks for sharing.
△ ▽ • Reply • Share ›

Dmytro Pylypenko • 3 years ago

Thank you for clear explanation!
△ ▽ • Reply • Share ›

William Ku • 3 years ago

Thanks Ian
△ ▽ • Reply • Share ›

Michael Naumov • 3 years ago • edited

© 2017 Ian London. Powered by Jekyll using the Minimal Mistakes theme.

https://ianlondon.github.io/blog/mongodb-auth/ 8/8