Online Course Basic Neo4j 4.0 Administration Introduction to Neo4j Overview of Neo4j Administration Managing a Neo4j Instance Using cypher-shell to Manage Databases Copying Databases Changing the Database Location Checking Database Consistency Scripting to Manage Databases Configuring Plugins Managing HTTP Ports… Read more →

Managing HTTP Ports

About this module

Next, you will learn how to adjust access to the databases with HTTP ports.

Configuring connector ports for the Neo4j instance

The Neo4j instance uses default port numbers that may conflict with other processes on your system. The ports frequently used are the connector ports:

Name Port Number Description

HTTP

7474

Used by Neo4j Browser. It is not encrypted so it should never be exposed externally.

HTTPS

7473

Requires additional SSL configuration.

Bolt

7687

Bolt connection used by Neo4j Browser, cypher-shell, and client applications.

Default configuration: Connector ports

Here are the default settings for connector ports:

DefaultConnectorPorts

Notice that by default the HTTPS connector is disabled, but the default HTTP port is 7474 and the default bolt port is 7687. If any of these ports conflict with ports already used on your system, you can change these connector ports by modifying these property values in the neo4j.conf file.

Viewing current configuration values

As you configure a Neo4j instance, either for development, testing, or production, it is very important that you know the existing configuration values. For most Neo4j instances, you can view the neo4j.conf file. Another way that you can view the current configuration values for a Neo4j instance is with a Cypher call:

// return all configuration values
CALL dbms.listConfig() YIELD name, value RETURN name, value;

This is particularly useful when using a Docker Neo4j instance where you do not have access to the neo4j.conf file used by the instance:

listConfigDocker

Viewing specific configuration values

If you want to query the current Neo4j instance for particular configuration values, you can use Cypher’s WHERE clause to specify the filter. In this example, we want all configuration properties in the instance that contains the string “http”:

// return specific configuration values
CALL dbms.listConfig() YIELD name, value WHERE name CONTAINS "http" RETURN name,value;

listConfigDockerhttp

Connector ports: Development vs. production

In a development mode, clients can connect to the Neo4j instance using the bolt or HTTP connector ports. This is fine in a development environment only where access from different systems in your network are allowed.

By default, a Neo4j instance cannot be accessed by a client running on a different system. If you want to allow external connections to the Neo4j instance, you must set this property:

dbms.connectors.default_listen_address=0.0.0.0

In production, an application that needs to connect to the Neo4j instance from a different system, should use a secure (encrypted) connection. But another level of security for a system is to use non-default ports. In this training, we will not be configuring secure HTTPs connectors as we need a real CA for a real company to do this. You should consult the SSL documentation for details in your real, production environment.

Exercise #10: Modify the HTTP port

In this Exercise, you will modify the HTTP used by your instance. How you change the HTTP port will depend on your host OS. On OS X, the port forwarding is not as clean as on Debian so to set up a Docker Neo4j instance that uses a different HTTP port, you must create a new instance.

Before you begin

  1. Make sure you have a terminal window open to your Docker Neo4j instance for this course.
  2. Make sure the Docker Neo4j instance is started.

Exercise steps (local Docker Neo4j instance):

  1. Create a directory $HOME/docker-neo4j/testhttp. You will be creating a new container that uses this directory, rather than neo4j.
  2. Stop the Docker Neo4j instance.
  3. Copy the create_neo4j_instance.sh or create_neo4j_instance.bat to create_neo4j_instance_http.sh or create_neo4j_instance_http.bat.
  4. Modify create_neo4j_instance_http.sh or create_neo4j_instance_http.bat so that it uses the directory testhttp rather than neo4j and its name is testhttp.
  5. Modify the port mapping for 7474 to be 9999.

    InstancePort9999

  6. Run the script to create and start the testhttp instance.
  7. Confirm the docker instance successfully started.
  8. View the log for the instance.

    LogInstancePort9999

  9. Connect to the instance with cypher-shell. You will need to change the password since this is a new Neo4j instance.

    cypher-shell-testhttp

  10. Call the procedure to list the entire configuration for the instance.

    listConfigDocker

  11. Call the procedure to list all properties that have “http” in them.

    ListConfig-testhttp

  12. In a Web browser, access the server using port 9999.

    WebBrowser-testhttp

  13. Stop the testhttp Docker Neo4j instance.

Exercise summary

You have now configured and tested changes to the HTTP port and whether the Neo4j instance can be accessed from a different HTTP port.

Check your understanding

Question 1

What are the types of client connections possible for a Neo4j instance?

Select the correct answers.

  • HTTP
  • HTTPS
  • jdbc
  • bolt

Question 2

What is the default port number for HTTP access to the Neo4j instance locally?

Select the correct answer.

  • 7473
  • 7474
  • 7687
  • 8000

Question 3

What is the effect of setting this property in the neo4j.conf file?

dbms.connectors.default_listen_address=0.0.0.0

Select the correct answer.

  • Clients running on a different system can connect to the Neo4j instance.
  • Clients running on a different system cannot connect to the Neo4j instance.
  • All connections to the Neo4j instance are encrypted.
  • All connections to the Neo4j instance are not encrypted.

Summary

You should now be able to change HTTP and bolt ports for your Neo4j instance.

Stay Connected

Sign up to find out more about Neo4j's upcoming events & meetups.