MD4X-00-001550 - MongoDB must limit the total number of concurrent connections to the database.

Information

MongoDB must limit the total number of concurrent connections to the database.

Solution

MongoDB can limit the total number of connections served by mongod process by setting the following in the MongoDB configuration file (default location: /etc/mongod.conf)

net:
maxIncomingConnections: %int%

See the following documentation:
https://docs.mongodb.com/v4.4/reference/configuration-options/

Products outside of MongoDB can be used to monitor database sessions and limit the maximum number of connections that can be made.

Alternatively most UNIX-like operating systems, including Linux and macOS, provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis.

These ulimits prevent single users from using too many system resources.

The following is the MongoDB documentation regarding these user limits: https://docs.mongodb.com/v4.4/reference/ulimit/

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MDB_Enterprise_Advanced_4-x_V1R4_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-10, CAT|II, CCI|CCI-000054, Rule-ID|SV-252148r960735_rule, STIG-ID|MD4X-00-001550, Vuln-ID|V-252148

Plugin: Unix

Control ID: 0069efc1104622e5ab7ec35eaf1c38f35abd956669e9bf0a44c4992fc84bba57