5.3. Ports

This section lists ports relevant to a Neo4j installation.

This section provides an overview for determining which Neo4j-specific ports should be opened up in your firewalls. Note that these ports are in addition to those necessary for ordinary network operation. Specific recommendations on port openings cannot be made, as the firewall configuration must be performed taking your particular conditions into consideration.

Name Default port number Related settings Comments

Backups

6362-6372

dbms.backup.enabled dbms.backup.listen_address

Backups are enabled by default. In production environments, external access to the backup port(s) should be blocked by a firewall. See also Chapter 10, Backup.

HTTP

7474

See Section 5.6, “Configure connectors”.

It is recommended to not open up this port for external access in production environments, since traffic is unencrypted. Used by Neo4j Browser.

HTTPS

7473

See Section 5.6, “Configure connectors”.

 

Bolt

7687

See Section 5.6, “Configure connectors”.

Used by Cypher Shell and by Neo4j Browser.

Causal Cluster

5000, 6000, 7000

causal_clustering.discovery_listen_address causal_clustering.transaction_listen_address causal_clustering.raft_listen_address

The listed ports are the default ports in neo4j.conf. The ports are likely be different in a production installation; therefore the potential opening of ports must be modified accordingly. See also Section 7.7, “Settings reference”.

Graphite monitoring

2003

metrics.graphite.server

This is an outbound connection in order for the Neo4j database to communicate with the Graphite server. See also Section 13.1, “Metrics”.

Prometheus monitoring

2004

metrics.prometheus.enabled and metrics.prometheus.endpoint

See also Section 13.1, “Metrics”.

JMX monitoring

3637

dbms.jvm.additional=-Dcom.sun.management.jmxremote.port=3637

This setting is for exposing the JMX. This is not the recommended way of inspecting a Neo4j database. It is not enabled by default.