Online Course Basic Neo4j 4.0 Administration Introduction to Neo4j Overview of Neo4j Administration Managing a Neo4j Instance Using cypher-shell to Manage Databases Copying Databases Changing the Database Location Checking Database Consistency Scripting to Manage Databases Configuring Plugins Managing HTTP Ports… Read more →
Managing HTTP Ports
The Neo4j instance uses default port numbers that may conflict with other processes on your system. The ports frequently used are the connector ports:
Used by Neo4j Browser. It is not encrypted so it should never be exposed externally.
Requires additional SSL configuration.
Bolt connection used by Neo4j Browser, cypher-shell, and client applications.
Here are the default settings for connector ports:
Notice that by default the HTTPS connector is disabled, but the default HTTP port is 7474 and the default bolt port is 7687. If any of these ports conflict with ports already used on your system, you can change these connector ports by modifying these property values in the neo4j.conf file.
As you configure a Neo4j instance, either for development, testing, or production, it is very important that you know the existing configuration values. For most Neo4j instances, you can view the neo4j.conf file. Another way that you can view the current configuration values for a Neo4j instance is with a Cypher call:
// return all configuration values CALL dbms.listConfig() YIELD name, value RETURN name, value;
This is particularly useful when using a Docker Neo4j instance where you do not have access to the neo4j.conf file used by the instance:
If you want to query the current Neo4j instance for particular configuration values, you can use Cypher’s WHERE clause to specify the filter. In this example, we want all configuration properties in the instance that contains the string “http”:
// return specific configuration values CALL dbms.listConfig() YIELD name, value WHERE name CONTAINS "http" RETURN name,value;
In a development mode, clients can connect to the Neo4j instance using the bolt or HTTP connector ports. This is fine in a development environment only where access from different systems in your network are allowed.
By default, a Neo4j instance cannot be accessed by a client running on a different system. If you want to allow external connections to the Neo4j instance, you must set this property:
In production, an application that needs to connect to the Neo4j instance from a different system, should use a secure (encrypted) connection. But another level of security for a system is to use non-default ports. In this training, we will not be configuring secure HTTPs connectors as we need a real CA for a real company to do this. You should consult the SSL documentation for details in your real, production environment.
- Make sure you have a terminal window open to your Docker Neo4j instance for this course.
- Make sure the Docker Neo4j instance is started.
- Create a directory $HOME/docker-neo4j/testhttp. You will be creating a new container that uses this directory, rather than neo4j.
- Stop the Docker Neo4j instance.
- Copy the create_neo4j_instance.sh or create_neo4j_instance.bat to create_neo4j_instance_http.sh or create_neo4j_instance_http.bat.
- Modify create_neo4j_instance_http.sh or create_neo4j_instance_http.bat so that it uses the directory testhttp rather than neo4j and its name is testhttp.
Modify the port mapping for 7474 to be 9999.
- Run the script to create and start the testhttp instance.
- Confirm the docker instance successfully started.
View the log for the instance.
Connect to the instance with cypher-shell. You will need to change the password since this is a new Neo4j instance.
Call the procedure to list the entire configuration for the instance.
Call the procedure to list all properties that have “http” in them.
In a Web browser, access the server using port 9999.
- Stop the testhttp Docker Neo4j instance.
You have now configured and tested changes to the HTTP port and whether the Neo4j instance can be accessed from a different HTTP port.
What are the types of client connections possible for a Neo4j instance?
Select the correct answers.
What is the default port number for HTTP access to the Neo4j instance locally?
Select the correct answer.
What is the effect of setting this property in the neo4j.conf file?
Select the correct answer.
- Clients running on a different system can connect to the Neo4j instance.
- Clients running on a different system cannot connect to the Neo4j instance.
- All connections to the Neo4j instance are encrypted.
- All connections to the Neo4j instance are not encrypted.