You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+12Lines changed: 12 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -230,6 +230,18 @@ With Atlas API credentials:
230
230
231
231
#### Option 6: Running as an HTTP Server
232
232
233
+
> **⚠️ Security Notice:** This server now supports Streamable HTTP transport for remote connections. **HTTP transport is NOT recommended for production use without implementing proper authentication and security measures.**
234
+
235
+
**Suggested Security Measures Examples:**
236
+
237
+
- Implement authentication (e.g., API gateway, reverse proxy)
238
+
- Use HTTPS/TLS encryption
239
+
- Deploy behind a firewall or in private networks
240
+
- Implement rate limiting
241
+
- Never expose directly to the internet
242
+
243
+
For more details, see [MCP Security Best Practices](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations).
244
+
233
245
You can run the MongoDB MCP Server as an HTTP server instead of the default stdio transport. This is useful if you want to interact with the server over HTTP, for example from a web client or to expose the server on a specific port.
234
246
235
247
To start the server with HTTP transport, use the `--transport http` option:
0 commit comments