DOCS-6882 deprecated HTTP interface

srenaker · Jan 20, 2016 · c214503 · c214503
1 parent 007325d
commit c214503
Show file tree

Hide file tree

Showing 12 changed files with 46 additions and 8 deletions.
diff --git a/source/administration/monitoring.txt b/source/administration/monitoring.txt
@@ -89,6 +89,8 @@ match your expectations. See the :doc:`mongotop manual
 HTTP Console
 ````````````
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 MongoDB provides a web interface that exposes diagnostic
 and monitoring information in a simple web page. The web interface is
 accessible at ``localhost:<port>``, where the

diff --git a/source/administration/production-notes.txt b/source/administration/production-notes.txt
@@ -192,12 +192,14 @@ For Windows users, consider the `Windows Server Technet Article on TCP
 Configuration <http://technet.microsoft.com/en-us/library/dd349797.aspx>`_
 when deploying MongoDB on Windows.
 
-Disable HTTP Interfaces
-~~~~~~~~~~~~~~~~~~~~~~~
+Disable HTTP Interface
+~~~~~~~~~~~~~~~~~~~~~~
 
-MongoDB provides interfaces to check the status of the server and,
-optionally, run queries on it, over HTTP. In production environments,
-disable the HTTP interfaces.
+MongoDB provides an HTTP interface to check the status of the server
+and, optionally, run queries. The HTTP interface is disabled by default. Do
+not enable the HTTP interface in production environments.
+
+.. include:: /includes/fact-deprecated-http-interface.rst
 
 See :ref:`http-interface-security`.
 

diff --git a/source/administration/security-checklist.txt b/source/administration/security-checklist.txt
@@ -101,10 +101,12 @@ server-side scripting by using the :option:`--noscripting <mongod
 
 Use only the MongoDB wire protocol on production deployments. Do **not**
 enable the following, all of which enable the web server interface:
-:setting:`~net.http.enabled`, :setting:`net.http.JSONPEnabled`, and
+:setting:`net.http.enabled`, :setting:`net.http.JSONPEnabled`, and
 :setting:`net.http.RESTInterfaceEnabled`. Leave
 these *disabled*, unless required for backwards compatibility.
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 Keep input validation enabled. MongoDB enables input validation by default
 through the :setting:`~net.wireObjectCheck` setting. This ensures that all
 documents stored by the :program:`mongod` instance are valid :term:`BSON`.

diff --git a/source/core/kerberos.txt b/source/core/kerberos.txt
@@ -161,6 +161,8 @@ The MongoDB :ecosystem:`HTTP Console
 </tools/http-interfaces/#http-console>` interface does not support
 Kerberos authentication.
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 DNS
 ~~~
 

diff --git a/source/core/security-hardening.txt b/source/core/security-hardening.txt
@@ -16,9 +16,11 @@ only trusted hosts have access to MongoDB.
 MongoDB Configuration Hardening
 -------------------------------
 
-For MongoDB, ensure that HTTP status interface and the REST API API are
+For MongoDB, ensure that HTTP status interface and the REST API are
 disabled in production to prevent potential data exposure to attackers.
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 For more information, see :doc:`/core/security-mongodb-configuration`.
 
 Network Hardening

diff --git a/source/core/security-mongodb-configuration.txt b/source/core/security-mongodb-configuration.txt
@@ -17,6 +17,8 @@ HTTP Status Interface
 
 .. include:: /includes/warning-http-interface.rst
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 .. versionchanged:: 2.6
 
    The :program:`mongod` and :program:`mongos` instances run with the HTTP interface
@@ -60,6 +62,8 @@ provide any support for insert, update, or remove operations, it does
 provide administrative access, and its accessibility represents a
 vulnerability in a secure environment. 
 
+.. include:: /includes/fact-deprecated-http-interface.rst
+
 The REST interface is *disabled* by default and is not recommended for production use.
 
 The :setting:`net.http.RESTInterfaceEnabled` setting for :program:`mongod` enables a

diff --git a/source/includes/fact-deprecated-http-interface.rst b/source/includes/fact-deprecated-http-interface.rst
@@ -0,0 +1,3 @@
+.. deprecated:: 3.2
+
+   HTTP interface for MongoDB
diff --git a/source/includes/options-conf.yaml b/source/includes/options-conf.yaml
@@ -435,6 +435,8 @@ type: boolean
 directive: setting
 description: |
   The port on which the HTTP interface listens.
+  
+  .. include:: /includes/fact-deprecated-http-interface.rst
 ---
 program: conf
 name: net.unixDomainSocket.enabled

diff --git a/source/includes/options-mongod.yaml b/source/includes/options-mongod.yaml
@@ -543,6 +543,9 @@ description: |
   interface can increase network exposure. The {{role}} option enables the
   HTTP interface, even if the :setting:`HTTP interface <net.http.enabled>`
   option is disabled.
+
+  .. include:: /includes/fact-deprecated-http-interface.rst
+
 optional: true
 replacement:
   verb: "Permits"
@@ -579,7 +582,8 @@ name: httpinterface
 args: null
 directive: option
 description: |
-  .. versionadded:: 2.6
+
+  .. include:: /includes/fact-deprecated-http-interface.rst
 
   {{intro}} the HTTP interface. Enabling the interface can increase
   network exposure.
@@ -592,6 +596,8 @@ description: |
 
      - .. include:: /includes/fact-http-interface-kerberos.rst
 
+  .. versionadded:: 2.6
+
 optional: true
 replacement:
   intro: "Enables"
@@ -801,6 +807,9 @@ description: |
   enables the HTTP interface, even if the :setting:`HTTP interface
   <net.http.enabled>` option is disabled, and as a result can increase
   network exposure.
+
+  .. include:: /includes/fact-deprecated-http-interface.rst
+
 optional: true
 replacement:
   verb: "Enables"

diff --git a/source/includes/options-mongostat.yaml b/source/includes/options-mongostat.yaml
@@ -197,6 +197,9 @@ args: null
 description: |
   Configures :program:`mongostat` to collect data using the HTTP interface
   rather than a raw database connection.
+
+  .. include:: /includes/fact-deprecated-http-interface.rst
+
 optional: true
 ---
 program: mongostat

diff --git a/source/reference/glossary.txt b/source/reference/glossary.txt
@@ -815,6 +815,8 @@ Glossary
      interface that allows HTTP clients to run commands against the
      server. See :ref:`rest-api`.
 
+     .. include:: /includes/fact-deprecated-http-interface.rst
+
    role
      A set of privileges that permit :term:`actions <action>` on
      specified :term:`resources <resource>`. Roles assigned to a user

diff --git a/source/release-notes/3.2.txt b/source/release-notes/3.2.txt
@@ -755,6 +755,11 @@ addition to the numbers corresponding to the BSON types.
 :method:`db.collection.distinct()` method. For more information, see
 :method:`db.collection.explain()`.
 
+Deprecation of the HTTP Interface
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Starting in 3.2, MongoDB deprecates its HTTP interface.
+
 .. _3.2-relnotes-2dsphere-index:
 
 Geospatial Optimization
-Original file line number
+Diff line change
@@ Expand Up / @@ -161,6 +161,8 @@ The MongoDB :ecosystem:`HTTP Console @@
     </tools/http-interfaces/#http-console>` interface does not support
     Kerberos authentication.
+    .. include:: /includes/fact-deprecated-http-interface.rst
     DNS
     ~~~
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		.. deprecated:: 3.2

		HTTP interface for MongoDB