install mongodb in centos directadmin+nginx+php-fpm56

morteza

New member
Joined
Jul 6, 2017
Messages
3
hello

Is there some way to install MongoDB using Directadmin With directadmin+nginx+php-fpm56?

Thanks a lot
 
Hi,

Maybe you need an it technician looks into this for you if you still have problem. Anyway I can try it (free of charge), please PM me if you need help.
 
Hello,

the guide suggests that you run:

Code:
usr/local/php71/bin/pecl install mongodb

for php 5.6 you should run

Code:
usr/local/php56/bin/pecl install mongodb

the same way you should do for other PHP versions.

And you should control output of the command, it might be that pecl install command failed. What are the last lines you see?
 
Never use MongoDB at shared hosting servers

I don't recommend to install MongoDB for the shared hosting purposes at all because MongoDB has huge security issues. MongoDB developers know about it, but either don't understand that it's the vulnerability, or don't care. The issue exists from 2015

If you need to run some MongoDB sites, use virtualization or docker at least
 
What vurnerability? It is depending on access from outside or even injecting queries from a website?
Any link/reference?

Thanks
 
I also read about this recently: https://www.reddit.com/r/netsec/comments/6mogkm/mongodb_at_shared_hosting_security_surprises/

Setting a correct chmod would seem to help.

It's all about the chmod I guess, since you can also browse in the mysql data dir; however you can't access the subdirs (but you can see the database names).

Even in CloudLinux you can see the MySQL files in CageFS by default; personally I move the sql data dir outside it and only leave mysql.sock inside it.
 
There was a big hack in January: http://thehackernews.com/2017/01/mongodb-database-security.html

As it was huge, it left the impression that MongoDB is very insecure. It's more like that the admins that are installing MongoDB are inexperienced, not that MongoDB is insecure. But yes, sorry for the word but the MongoDB documentaion sucks - it teaches you to install it in a very insecure way! And that's not a new problem - it exists since the beginning of the project. There were big hacks against MongoDB databases back in 2015 too and it was because of the same problem - not vulnerabilities but insecure installations.

So if you are installing MongoDB, don't just follow the tutorials in the docs. Be prepared to dig deep in permissions of all files and manually configure everything.
 
Back
Top