Apache CouchDB, the NoSQL database lauded for its speed and querying capacities, but derided for potentially lax default security choices, just rolled out a 3.0 release that addresses the security questions head-on, making the database now “secure by default.”
The CouchDB 3.0 release also addresses some of the database’s horizontal scalability constraints, improves its native full-text search system, and adds other performance optimizations.
Since its inception, CouchDB has favored what its developers describe as an “open by default” philosophy, meaning default configurations were designed to make it easy to get the database up and running. However, these default choices also made CouchDB more vulnerable to attack. In 2017, many open-by-default CouchDB deployments were vandalized.