Below is an example log from an Apache webservers access log at /var/log/apache2/access.log and includes 4 request made by
From the above we see that apoc.load.json sent a user-agent of
APOC Procedures for Neo4j and LOAD CSV sent a user-agent of
NeoLoadCSV_Java/1.8.0_151. Additionally for any Bolt enabled application, for example Neo4j Browser and cypher-shell the
user-agent will be the same since the work is actually being done on the server itself.
As such if your Network Firewall is to only allow HTTP(s) request traffic of the typical known user-agent/browser identifiers, and reject all other traffic you may encounter where the a request through a typical browser reports data but when using APOC or LOAD CSV no data is returned.