Hi all. I am developing a Django app based on neo4j hosted in Digital Ocean - Ubuntu Server 18.04.
Below are the two commands I ran.
docker run --rm \ --volume=$HOME/neo4j/conf:/conf \ neo4j:3.5.14 dump-config
docker run -d --name ci6299neo4j --publish=7474:7474 --publish=7687:7687 --publish=7473:7473 --volume=$HOME/neo4j/data:/data --volume=$HOME/neo4j/logs:/logs --volume=$HOME/neo4j/conf:/conf --volume=$HOME/neo4j/import:/import --volume=$HOME/neo4j/plugins:/plugins --env NEO4J_dbms_memory_pagecache_size=4G --env NEO4J_AUTH=neo4j/root neo4j:3.5.14
I had some bad experience of being hacked. One of the loopholes I suspected was neo4j browser access. I have resolved the other suspect which was using SSH keys.
My plan is to disable neo4j browser's public access via http://MyDOIPAddress:7474/browser/ after deployment which means only the Django web app can access the neo4j database. What I did was as shown below in which I disabled HTTP/HTTPS connectors. After doing this, both my Django app and neo4j browser could not be run.
Can anyone share how I can disable the neo4j browser while allowing only the Django app to access the neo4j database?
Any other advise regarding securing my neo4j database (docker) in Digital Ocean is welcomed.