I got hacked! Someone managed to write to my MongoDB collection. Crap!
On my old blog I use MongoDB to store my documents. I'm surprised of how kind this attack was. The attacker only changed one entry in the collection! Thanks for not completely destroying my DB, hacker-guy! Other than the spelling of "loser", this is correct. I have some flaws in the setup of the MongoDB instance that made it very accessible and easy to figure out.
Initially, you need to change some fields in the "mongodb.conf" file. I bound the ip to localhost and changed the mongodb port to something else.
port = 27017 #Something else than 27017 bind_ip = 127.0.0.1
Restart the service
sudo service mongodb restart and you are ready to go!
I followed this guide and reverted to changed field. All props to the Digital Ocean community and their great docs! It's hard to forget about security when you make something work. This was a lesson learned and I'll take more caution in the future!