cancel
Showing results for 
Search instead for 
Did you mean: 

Head's Up! Site migration is underway. Phase 2: migrate recent content

How to disable Neo4j browser in Digital Ocean Droplet Ubuntu Server 18.04

albertleng
Node

Hi all. I am developing a Django app based on neo4j hosted in Digital Ocean - Ubuntu Server 18.04.

Below are the two commands I ran.


docker run --rm \ 

--volume=$HOME/neo4j/conf:/conf \ 
neo4j:3.5.14 dump-config

docker run -d --name ci6299neo4j --publish=7474:7474 --publish=7687:7687 --publish=7473:7473 --volume=$HOME/neo4j/data:/data --volume=$HOME/neo4j/logs:/logs --volume=$HOME/neo4j/conf:/conf --volume=$HOME/neo4j/import:/import --volume=$HOME/neo4j/plugins:/plugins --env NEO4J_dbms_memory_pagecache_size=4G --env NEO4J_AUTH=neo4j/root neo4j:3.5.14

I had some bad experience of being hacked. One of the loopholes I suspected was neo4j browser access. I have resolved the other suspect which was using SSH keys.

My plan is to disable neo4j browser's public access via http://MyDOIPAddress:7474/browser/ after deployment which means only the Django web app can access the neo4j database. What I did was as shown below in which I disabled HTTP/HTTPS connectors. After doing this, both my Django app and neo4j browser could not be run.

2X_d_d29f892caa599abd1f950c23900d48f8477ffe67.png

Can anyone share how I can disable the neo4j browser while allowing only the Django app to access the neo4j database?

Any other advise regarding securing my neo4j database (docker) in Digital Ocean is welcomed.

Thank you!

2 REPLIES 2

albertleng
Node

Can anyone help me with this? Can you point me to the resources which I can study regarding this?

omerule
Graph Buddy

Goodevening,
If the Django app is hosted on the same machine. You can allow traffic through the app and manage authorisation etc within the app. And disable Neo4j access from the outside
Blocking accces can be done with firewall settings. Also in the neo4j config I think jou can set the db listening to "localhost".

Yours Kindly Omer