From 37cb492c8c898dc62a1b6652051f63f066367290 Mon Sep 17 00:00:00 2001
From: npatchor <npatchor@akamai.com>
Date: Tue, 3 Mar 2026 16:30:23 +0200
Subject: [PATCH 1/2] Docs: Modify MongoDB installation instructions for Docker

---
 docs/content/setup/docker.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/content/setup/docker.md b/docs/content/setup/docker.md
index a964b144981..3f7a5fafd57 100644
--- a/docs/content/setup/docker.md
+++ b/docs/content/setup/docker.md
@@ -35,7 +35,7 @@ any MongoDB containers or volumes associated with the previous version.
     ```bash
     sudo docker run \
         --name monkey-mongo \
-        --network=host \
+        -p 127.0.0.1:27017:27017 \
         --volume monkey-db:/data/db \
         --detach \
         mongo:6.0

From 705ab35f5a498cc4e97cb165c89e422d727ba3c6 Mon Sep 17 00:00:00 2001
From: npatchor <npatchor@akamai.com>
Date: Tue, 3 Mar 2026 16:35:57 +0200
Subject: [PATCH 2/2] Docs: Add warnings about MongoDB

---
 docs/content/setup/docker.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/docs/content/setup/docker.md b/docs/content/setup/docker.md
index 3f7a5fafd57..4a218dbfbc6 100644
--- a/docs/content/setup/docker.md
+++ b/docs/content/setup/docker.md
@@ -30,6 +30,11 @@ If you are upgrading Infection Monkey to a new version, be sure to remove
 any MongoDB containers or volumes associated with the previous version.
 {{% /notice %}}
 
+{{% notice warning %}}
+Warning: The MongoDB server used by Monkey Island is **unsecured (no authentication enabled)**.
+It listens only on the **localhost**, but it is strongly recommended to run Infection Monkey on a **dedicated host or VM** to avoid any potential security risks.
+{{% /notice %}}
+
 1. Start a MongoDB Docker container:
 
     ```bash
@@ -49,6 +54,11 @@ user [provide Infection Monkey with a
 certificate](#start-monkey-island-with-user-provided-certificate) that has
 been signed by a private certificate authority.
 
+{{% notice warning %}}
+Warning: The MongoDB server used by Monkey Island is **unsecured (no authentication enabled)**.
+It listens only on the **localhost**, but it is strongly recommended to run Infection Monkey on a **dedicated host or VM** to avoid any potential security risks.
+{{% /notice %}}
+
 1. Run the Monkey Island Server
     ```bash
     sudo docker run \
@@ -67,6 +77,11 @@ Once you have access to the Monkey Island server, check out the [getting started
 
 ## Configuring the server
 
+{{% notice warning %}}
+Warning: The MongoDB server used by Monkey Island is **unsecured (no authentication enabled)**.
+It listens only on the **localhost**, but it is strongly recommended to run Infection Monkey on a **dedicated host or VM** to avoid any potential security risks.
+{{% /notice %}}
+
 You can configure the server by mounting a volume and specifying a
  [server configuration file](../../reference/server-configuration):