00:01 One of the most important things we can do to make our MongoDB server safe
00:03 even if we screw up the configuration, the authentication, the encryption, all those things
00:08 is to make sure nobody can talk to it.
00:11 So we're going to do two simple things right away to lock down our server.
00:15 Obviously our web app, or whatever app, our service
00:20 whatever we're building that uses MongoDB should be able to talk to it,
00:23 and it's this probably within a data center
00:26 we could possibly get to it from our local machines,
00:28 but well do things like ssl tunnels and so on to do that,
00:31 so we won't open up any extra ports for this.
00:34 However, there's always something out there lurking,
00:37 I showed you that super scary warning at the beginning
00:40 and they're out there looking, they are saying
00:43 hey I would love to talk to the server on port 27017 the default port
00:46 or maybe 1.8 or 1.9, or 20, depending on the service you're running.
00:50 So we want to block those guys, we want to block them with the firewall
00:53 and a couple of other things.
00:56 That's what we're going to do next.
00:58 We're going to do this like I said, in Linux itself, in Ubuntu itself,
01:01 we could the cloud computing stuff like Digital Ocean just announced
01:06 this cloud firewall thing that is really probably easier
01:09 and if you're using Digital Ocean have a look at that,
01:12 but we'll do it here and it works just fine.