24.2. Server Configuration

Important server configuration parameters

The main configuration file for the server can be found at conf/neo4j-server.properties. This file contains several important settings, and although the defaults are sensible administrators might choose to make changes (especially to the port settings).

Set the location on disk of the database directory like this:


On Windows systems, absolute locations including drive letters need to read "c:/data/db".

Specify the HTTP server port supporting data, administrative, and UI access:


Specify the client accept pattern for the webserver (default is, localhost only):

#allow any client to connect

For securing the Neo4j Server, see also Chapter 27, Security

Set the location of the round-robin database directory which gathers metrics on the running server instance:


Set the URI path for the REST data API through which the database is accessed. This should be a relative path.


Setting the management URI for the administration API that the Webadmin tool uses. This should be a relative path.


Force the server to use IPv4 network addresses, in conf/neo4j-wrapper.conf under the section Java Additional Parameters add a new paramter:


Specify the number of threads used by the Neo4j Web server to control the level of concurrent HTTP requests that the server will service.


The default value is the number of CPUs reported available by the JVM, limited to a maximum of 500. The limit can be exceeded by specifying a larger value.

The server guards against orphaned transactions by using a timeout. If there are no requests for a given transaction within the timeout period, the server will roll it back. You can configure the timeout period by setting the following property to the number of seconds before timeout. The default timeout is 60 seconds.


Low-level performance tuning parameters can be explicitly set by referring to the following property:


If this property isn’t set, the server will look for a file called neo4j.properties in the same directory as the neo4j-server.properties file.

If this property isn’t set, and there is no neo4j.properties file in the default configuration directory, then the server will log a warning. Subsequently at runtime the database engine will attempt tune itself based on the prevailing conditions.

Neo4j Database performance configuration

The fine-tuning of the low-level Neo4j graph database engine is specified in a separate properties file, conf/neo4j.properties.

The graph database engine has a range of performance tuning options which are enumerated in Section 24.3, “Server Performance Tuning”. Note that other factors than Neo4j tuning should be considered when performance tuning a server, including general server load, memory and file contention, and even garbage collection penalties on the JVM, though such considerations are beyond the scope of this configuration document.

HTTP logging configuration

As well as logging events happening within the Neo4j server, it is possible to log the HTTP requests and responses that the server consumes and produces. Configuring HTTP logging requires operators to enable and configure the logger and where it will log; and then to optionally configure the log format.


By default the HTTP logger uses Common Log Format meaning that most Web server tooling can automtically consume such logs. In general users should only enable HTTP logging, select an output directory, and if necessary alter the rollover and retention policies.

To enable HTTP logging, edit the conf/neo4j-server.properties file to resemble the following:


Using org.neo4j.server.http.log.enabled=true tells the server that HTTP logging is enabled. HTTP logging can be disabled completely by setting this property to false. The setting org.neo4j.server.http.log.config=conf/neo4j-http-logging.xml specifies the logging format and rollover policy file that governs how HTTP log output is presented and archived. The defaults provided with Neo4j server uses an hourly log rotation and Common Log Format.

If logging is set up to use log files then the server will check that the log file directory exists and is writable. If this check fails, then the server will not start and will report the failure to another available channel like standard out.


Neo4j server now has experimental support for logging full request and response bodies. It is enabled by setting the following property in neo4j-server.properties:


The following logging pattern must also be specified in neo4j-http-logging.xml:


This functionality fully duplicates HTTP requests and responses, logging them out to disk. As such it is strongly advised to not run this in a production setting because of the potential to constrain performance. However it can prove useful in testing and pre-production environments.

Using X-Forwarded-Proto and X-Forwarded-Host to parameterize the base URI for REST responses

There are occasions, for example when you want to host Neo4j server behind a proxy (e.g. one that handles HTTPS traffic), and still have Neo4j respect the base URI of that externally visible proxy.

Ordinarily Neo4j uses the HOST header of the HTTP request to construct URIs in its responses. Where a proxy is involved however, this is often undesirable. Instead Neo4j uses the X-Forwarded-Host and X-Forwarded-Proto headers provided by proxies to parameterize the URIs in the responses from the database’s REST API. From the outside it looks as if the proxy generated that payload. If an X-Forwarded-Host header value contains more than one address (X-Forwarded-Host allows comma-and-space separated lists of addresses), Neo4j picks the first, which represents the client request.

In order to take advantage of this functionality your proxy server must be configured to transmit these headers to the Neo4j server. Failure to transmit both X-Forwarded-Host and X-Forwarded-Proto headers will result in the original base URI being used.

Enabling logging from the garbage collector

To get garbage collection logging output you have to pass the corresponding option to the server JVM executable by setting the following value in conf/neo4j-wrapper.conf:


This line is already present and needs uncommenting. Note also that logging is not directed to console. You will find the logging statements in data/log/ne4j-gc.log or whatever directory you set the option to.

Web Interface configuration settings

Whitelist for remote guides in Browser

The Browser can :play guides from remote locations. You can specify a whitelist of hosts from where the Browser will be allowed to fetch content from.

In the conf/neo4j-server.properties file:

# To allow default hosts

# To allow all hosts (enterprise edition only)

Outgoing connections for Browser

The Browser can load services and data from remote locations and with this configuration this can be restricted.

In the conf/neo4j-server.properties file:


Disabling console types in Webadmin

You may, for security reasons, want to disable the the Neo4j Shell in Webadmin. Shells allow arbitrary code execution, and so they could constitute a security risk if you do not trust all users of your Neo4j Server.

In the conf/neo4j-server.properties file:

# To disable all shells:

# To enable only the Neo4j Shell: