UCF STIG Viewer Logo

MongoDB must limit the total number of concurrent connections to the database.


Overview

Finding ID Version Rule ID IA Controls Severity
V-252148 MD4X-00-001550 SV-252148r813826_rule Medium
Description
MongoDB must limit the total number of concurrent connections to the database.
STIG Date
MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide 2022-09-12

Details

Check Text ( C-55604r813824_chk )
Mongo can limit the total number of connections.

Verify that the MongoDB configuration file (default location: /etc/mongod.conf) contains the following:

net:
maxIncomingConnections: %int%

If this parameter is not present, or the OS is not utilized to limit connections, this is a finding.
Fix Text (F-55554r813825_fix)
MongoDB can limit the total number of connections served by mongod process by setting the following in the MongoDB configuration file (default location: /etc/mongod.conf)

net:
maxIncomingConnections: %int%

See the following documentation:
https://docs.mongodb.com/v4.4/reference/configuration-options/

Products outside of MongoDB can be used to monitor database sessions and limit the maximum number of connections that can be made.

Alternatively most UNIX-like operating systems, including Linux and macOS, provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis.

These ulimits prevent single users from using too many system resources.

The following is the MongoDB documentation regarding these user limits: https://docs.mongodb.com/v4.4/reference/ulimit/