Hi all. I am developing a Django app based on neo4j hosted in Digital Ocean - Ubuntu Server 18.04.
Below are the two commands I ran.
docker run --rm \
    --volume=$HOME/neo4j/conf:/conf \
    neo4j:3.5.14 dump-config

docker run -d --name ci6299neo4j \
    --publish=7474:7474 --publish=7687:7687 --publish=7473:7473 \
    --volume=$HOME/neo4j/data:/data \
    --volume=$HOME/neo4j/logs:/logs \
    --volume=$HOME/neo4j/conf:/conf \
    --volume=$HOME/neo4j/import:/import \
    --volume=$HOME/neo4j/plugins:/plugins \
    --env NEO4J_dbms_memory_pagecache_size=4G \
    --env NEO4J_AUTH=neo4j/root \
    neo4j:3.5.14

I had a bad experience of being hacked. One of the loopholes I suspected was neo4j browser access. I have resolved the other suspect which was using SSH keys.
My plan is to disable the neo4j browser's public access via http://MyDOIPAddress:7474/browser/ after deployment, which means only the Django web app can access the neo4j database. What I did is shown below, in which I disabled the HTTP/HTTPS connectors. After doing this, both my Django app and neo4j browser could not be run.
Can anyone share how I can disable the neo4j browser while allowing only the Django app to access the neo4j database?
Any other advice regarding securing my neo4j database (docker) in Digital Ocean is welcome.
Thank you!
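
For the question above, an added example that is not part of the original post: when the Django app runs on the same host as the container (an assumption), publishing the ports on 127.0.0.1 keeps them reachable locally while removing the browser from the public address. The script checks `docker port` output for bindings outside loopback and rewrites the post's `--publish` flags; the sample outputs and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes the Django app runs on the
# same host as the container and reaches Neo4j through localhost.

# Constructed sample: what `docker port ci6299neo4j` prints for the command in
# the post, where --publish=7474:7474 binds to every interface (0.0.0.0).
SAMPLE_BEFORE='7473/tcp -> 0.0.0.0:7473
7474/tcp -> 0.0.0.0:7474
7687/tcp -> 0.0.0.0:7687'

# Constructed sample: the same container published on loopback only.
SAMPLE_AFTER='7473/tcp -> 127.0.0.1:7473
7474/tcp -> 127.0.0.1:7474
7687/tcp -> 127.0.0.1:7687'

# Read `docker port` output on stdin; print mappings reachable from off-host.
public_bindings() {
    awk '/ -> / {
        host = $3
        if (host !~ /^127\./ && host !~ /^\[::1\]:/) print
    }'
}

# Succeed only when no mapping is exposed beyond loopback.
is_loopback_only() {
    [ -z "$(public_bindings)" ]
}

# Rewrite --publish=HOST_PORT:CONTAINER_PORT flags to bind 127.0.0.1 only.
# Flags that already name an address are left unchanged.
loopback_publish() {
    sed -E 's/--publish=([0-9]+:[0-9]+)/--publish=127.0.0.1:\1/g'
}

# The publish flags from the post, rewritten (printed, not executed).
POST_FLAGS='--publish=7474:7474 --publish=7687:7687 --publish=7473:7473'
printf '%s\n' "$POST_FLAGS" | loopback_publish

printf 'exposed before:\n'
printf '%s\n' "$SAMPLE_BEFORE" | public_bindings
if printf '%s\n' "$SAMPLE_AFTER" | is_loopback_only; then
    printf 'after: loopback only\n'
fi
```

On a live host the check is `docker port ci6299neo4j | public_bindings`. Ports published by Docker are opened through Docker's own iptables rules, so binding to loopback is more dependable than relying on a host firewall such as ufw alone.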