Skip to content
PERCONA MONITORING AND MANAGEMENT DOCUMENTATION

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

Check mongodb localhost bypass

Description

This advisor returns a warning if the localhost exception is enabled in MongoDB ( the enableLocalhostAuthBypass parameter is set to True).

This represents a security vulnerability and should be disabled.

For more information, see the MongoDB documentation.

Rule

MONGODB_GETPARAMATER
db.adminCommand({'getParameter':'*'}).enableLocalhostAuthBypass
true

            enableLocalhostAuthBypass = docs[0]["enableLocalhostAuthBypass"]
            print(repr(enableLocalhostAuthBypass))
            if enableLocalhostAuthBypass == "true":

Resolution

Follow the steps below to disable localhost exception:

  1. Edit the mongod.conf and set the below parameter.

    setParameter:
  enableLocalhostAuthBypass: false

  2. Roll-restart your mongod nodes to apply the changes.

Need more support from Percona?

Percona experts bring years of experience in tackling tough database performance issues and design challenges.