STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide

V-252148

CAT II (Medium)

MongoDB must limit the total number of concurrent connections to the database.

Rule ID

SV-252148r960735_rule

STIG

MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide

Version

V1R4

CCIs

CCI-000054

Discussion

MongoDB must limit the total number of concurrent connections to the database.

Check Content

Mongo can limit the total number of connections.

Verify that the MongoDB configuration file (default location: /etc/mongod.conf) contains the following:

net:
  maxIncomingConnections:  %int%      

If this parameter is not present, or the OS is not utilized to limit connections, this is a finding.

Fix Text

MongoDB can limit the total number of connections served by mongod process by setting the following in the MongoDB configuration file (default location: /etc/mongod.conf)

net:
  maxIncomingConnections:  %int%      

See the following documentation:
https://docs.mongodb.com/v4.4/reference/configuration-options/

Products outside of MongoDB can be used to monitor database sessions and limit the maximum number of connections that can be made. 

Alternatively most UNIX-like operating systems, including Linux and macOS, provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis. 

These ulimits prevent single users from using too many system resources. 

The following is the MongoDB documentation regarding these user limits: https://docs.mongodb.com/v4.4/reference/ulimit/