4.3. Ports

This section lists ports relevant to a Neo4j installation.

This section provides an overview for determining which Neo4j-specific ports should be opened up in your firewalls. Note that these ports are in addition to those necessary for ordinary network operation. Specific recommendations on port openings cannot be made, as the firewall configuration must be performed taking your particular conditions into consideration.

Name Default port number Related settings Comments

Backups

6362-6372

dbms.backup.enabled dbms.backup.address

Backups are enabled by default. In production environments, external access to the backup port(s) should be blocked by a firewall. See also Chapter 7, Backup.

HTTP

7474

See Section 4.7, “Configure connectors”.

It is recommended to not open up this port for external access in production environments, since traffic is unencrypted. Used by Neo4j Browser. Also used by REST API.

HTTPS

7473

See Section 4.7, “Configure connectors”.

Also used by REST API.

Bolt

7687

See Section 4.7, “Configure connectors”.

Used by Cypher Shell and by Neo4j Browser.

Causal Cluster

5000, 6000, 7000

causal_clustering.discovery_listen_address causal_clustering.transaction_listen_address causal_clustering.raft_listen_address

The listed ports are the default ports in neo4j.conf. The ports are likely be different in a production installation; therefore the potential opening of ports must be modified accordingly. See also Section 5.5, “Settings reference”.

HA Cluster

5001, 6001

ha.host.coordination ha.host.data

The listed ports are the default ports in neo4j.conf. The ports will most likely be different in a production installation; therefore the potential opening of ports must be modified accordingly. See also Appendix D, HA cluster.

Graphite monitoring

2003

metrics.graphite.server

This is an outbound connection in order for the Neo4j database to communicate with the Graphite server. See also Section 10.1, “Metrics”.

Prometheus monitoring

2004

metrics.prometheus.enabled and metrics.prometheus.endpoint

See also Section 10.1, “Metrics”.

JMX monitoring

3637

dbms.jvm.additional=-Dcom.sun.management.jmxremote.port=3637

This setting is for exposing the JMX. This is not the recommended way of inspecting a Neo4j database. It is not enabled by default.