Normally the answer to question is to set:
bindIp: 127.0.0.1
I have this set in /etc/mongod.conf. Unfortunately I am still allowed access to this database remotely. I have restarted the Mongo service a couple times, to no avail.
Does anyone have an idea as to why my database is still accessible remotely?
I'm using MongoDB version 3.0.9
Remoting in to mongod clients using bindIp = 127.0.0.1 is possible through an SSH tunnel because the shell session is seen as 127.0.0.1.