MongoDB Suggests that the easy way to handle security is to run it in a trusted environment, given that, "in such a configuration, one must be sure only trusted machines can access database TCP ports."
What would be the best approach for doing this? Is there a way for mongodb to natively only listen to localhost?
I'm using ubuntu 10.10
Add the following line into
bind_ip = 127.0.0.1
As @Josh Rickard stated in comments: don't forget to restart the process after updating the config file:
service mongodb restart
As Andreas mentioned in a round-about way:
mongod --bind_ip 127.0.0.1