Update recently? deleting

MongoDB is only exposed to localhost

it is not exposed to network when using snap

only those that have SSH access to server can access mongodb

like sysadmins etc

usually ssh is protected with public key

that is safer than using password login

and at server you can allow only http and https with ufw

if you login for example at AWS LightSail web interface

and don't expose ssh

or alternatively, only add access from your current IP address for the time you access server

For ssh it's also possible to use fwknop https://www.cipherdyne.org/fwknop/

At Snap it's also possible to set Wekan to use external mongo with sudo snap set wekan mongo-url='......'

and with docker and source/bundle too

Percona MongoDB also has encryption but I have not tried it https://www.percona.com/software/mongodb/feature-comparison

Wekan also works with Percona MongoDB

I mean Percona MongoDB server

Percona MongoDB repo is here https://github.com/percona/percona-server-mongodb

While original MongoDB is here https://github.com/mongodb/mongo

Percona website also has .deb packages etc

for installing

It is also possible to export all MongoDB data to JSON files https://github.com/wekan/wekan/wiki/Export-from-Wekan-Sandstorm-grain-.zip-file

For corruption in general, solution is to do daily backups. Many databases like MySQL, PostgreSQL and others can have database corruption also.

at least daily. More often, if possible.

Well, some years ago when I worked as SysAdmin/Cloud Architect, I helped coworker, that had Mac laptop. Upgrading to newer version of macOS had corrupted all local MySQL databases. I could not recover anything from those, only solution was to download newer database dumps and reinstall all local databases that where used from Drupal development.

I understand. And thank you again for your thoughts and all the detail. Really!! For the record this is AWS EBS so its not data corruption or anything related. I set aside additional ebs drive just to host the mongo data component not use the root drive. Now You mention several things in the thread before your last post. First you mentioned that the software was trying to remove a collection and you were surprised. You also mentioned or asked actually if this system was exposed to the internet. Since the issue was database related and since Mongodb has a history of strong arm warning folks not to every run mongo without auth (yes they get ugly) then this was a dialogue I wanted to explore. Yes indeed local host access is very secure. When I started this thread I asked about a code change that got released recently as I had three system with related symptoms (logical conclusion) right? ok well if that was not it and you saw the error about issues that did not make sense about removing a collection (your reaction) then if it not a mongo internet data breach then that kind of leaves two path outside of that. One, that the wekan software corrupts after a certain point (which as we have high traffic (dev) and low traffic (demo) and this happened all at the same time that does not makes sense either. Logs show nothing related to a denial of service issue. In point of fact one of these systems is on secure gov cloud even. Which going further down the rabbit hole could indicate that someone hacked all three systems (hacked in this case means a virus or other on wekan. Occam's razor tells me this is not likely, so I was just looking for the simple reason. I get backups. Of course. If my data is transitory (puting aside login accounts and access tokens obviously) then I can and will replace all the data anyway automatically in a second. Why do you think then why am I backing up? What in your opinion broke and why?