If I am to make an online backup using the
neo4j-admin backup tool remotely, as you advise, I have to open a public IP and the backup port on my Neo4J application.
However, I don't see
neo4j-admin asking for any login credentials, basically making it possible for anybody who wants to access the server and back it up.
There is no setting inside the
neo4j.conf that would only accept backup requests from a certain address.
So what does it mean? That when the online backups are done remotely, as you advise, the database may be vulnerable to somebody else just copying all the data?
What do you do to protect it then?