Get the latest news and information about the ObjectRocket platform and its fully managed instances.

Free 30-Day Trial

Provision a single Redis (500MB), MongoDB with MMAPv1 (up to 5GB), or Elasticsearch with Kibana (512MB RAM / 4GB Disk) instance and experience the ObjectRocket platform backed by Fanatical Support® free for your first 30 days. Learn more

Try now

MongoDB Authentication and ObjectRocket

Jens Heyens, Kai Greshake, and Eric Petryka at CISPA recently published a paper entitled "MongoDB databases at risk - Several thousand MongoDBs without access control on the Internet". The paper outlines that basic security practices have not been followed by a large number of internet accessible MongoDB installations.

Being that ObjectRocket is an internet connected Database as a Service, it makes some sense to discuss the findings of this paper in relation to our product. Security has always been something that ObjectRocket has taken very seriously. ObjectRocket has a couple of key architectural and security components that are worth noting:

  • Authentication is enabled for 100% of all accounts. There is no other way to purchase MongoDB from ObjectRocket.
  • When a database is provisioned, you must create a user to access the database. This is not an admin account.
  • When a database is provisioned, its VIP/PORT is blocked by default. Customers must open this port via the ACL facility, and can limit access to a user defined CIDR.
  • For some plans, users can opt to encrypt MongoDB traffic over the wire via MongoDB's built in SSL support. ObjectRocket handles the SSL termination on the server side.
  • Interfaces are abstracted from the calling client, there is a single VIP per datacenter and unique PORT for any given instance. ObjectRocket handles the routing of connections behind the VIP.

We are always looking to improve our service, and security is a topic that continues to be top of mind. But customers can be at peace knowing ObjectRocket adheres to these basic best practices by default. If you have further questions and/or concerns please hit us up at

We've got your back 24x7x365
  • Sales: 1-888-440-3242