1.3.1.1 Advanced installation for Unix-based deployments

This page describes in detail how you can achieve the following tasks:

  • Use an external MongoDB server instead of the built-in database

  • Configure HTTPS communication for the web server

Use an external database

Production deployments of MetaDefender for Secure Storage should ensure high availability and/or load-balancing at the database level by using an external MongoDB (or any compatible service) instead of the built-in database that is included with the basic installation.

We recommend using a version of MongoDB that is the same as the built-in database version from the system requirements page.

How to setup an external MongoDB in MetaDefender for Secure Storage

The following steps should be performed before initializing MetaDefender for Secure Storage for the first time (i.e before the mdss -u init command from the installation guide).

These steps can be performed after the installation or at any other time but the existing data (if any) will be lost. In this case, the last step should be replaced with a restart instead of a start command.

  1. Ensure that your external MongoDB is properly configured and ready to accept remote connections
    Note: it is recommended to setup access control for your external database as well as taking the necessary network security measures to ensure that only the server running MetaDefender for Secure Storage can access the database.

  2. Locate the configuration file created by the installer in /etc/mdss/customer.env

  3. Add the following configuration line:

    MONGO_URL=mongodb://user:password@server:port/MDCS?authSource=admin

  4. Please check the connection string documentation for more information. Make sure you add MDCS as the target database as shown in the example above.

  5. Save the file.

  6. Initialize MetaDefender for Secure Storage by running the following command:

    sudo mdss -u init

  7. Return to the installation process and continue the installation.

Configure HTTPS communication for the web server

Production deployments should ensure that any HTTP traffic between clients (browsers or other API client) and MetaDefender for Secure Storage is encrypted using HTTPS.

Click here for detailed instructions on how to setup a certificate for NGINX web server.