This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Query Neo4j in Production

Go to solution
garth_mountain
Node Link

‎09-14-2020 12:27 PM

Being very green to Neo4j I'm worried the answer to this question is obvious.

I've just started developing a Node app (accessing Neo4j) on my local machine and am now going to deploy my a dev version on Digital Ocean.
I'll be running a headless Linux server and therefore will not be able to query my database using the Neo4j browser (which I believe is a bad idea anyway due to security concerns?).

My question is to ask if something like Cypher Shell is the usual way that everyone queries their db on a headless server?
I know I can disable auth in neo4j.conf to allow browser access but what about production where one wouldn't do that. Is Cypher Shell how you query in production?

Again, apologies if there's a burning bush right in front of me that I'm just not seeing.
Thanks in anticipation.

Labels:
0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
tony_chiboucas
Neo4j
Neo4j
In response to garth_mountain

‎09-15-2020 01:05 PM

There's a lot of ways to do that. For security, my best advise is to keep it simple, and locked down.

Simple options:

  1. Again, make sure you've got good users and roles. Change the default bolt port. Use UFW (or similar) to lock it down. Turn it on temporarily when you're accessing.
  2. Reverse proxy. Change the bolt port and browser port localhost only. Then setup a reverse proxy to the browser port (:7474).

Trickier option

Replication.

Setup another machine as a read-only casual-cluster. If you're worried about people changing data, worry no more. If you're worried about people seeing the data, put it on a local, connected to your server via VPN.

View solution in original post

Reply
4 REPLIES 4

Go to solution
tony_chiboucas
Neo4j
Neo4j

‎09-14-2020 01:40 PM

There's a lot to unpack here, but I think it boils down to three unspoken assumptions/questions:

  1. How to make Neo4j secure for production?
  2. How to connect to Neo4j to run queries? (Cypher Shell?)
  3. How to secure that connection?

Precise Answer

The BOLT protocol, configured to port 7687 by default.

Short Answer

Whatever works for you, but using cypher-shell sounds off to me. Just make sure you've set up users, roles, and passwords.

0 Kudos
Reply

Go to solution
garth_mountain
Node Link
In response to tony_chiboucas

‎09-15-2020 11:34 AM

Thanks for the input, but my apologies, I wasn't clear...

The Node API does query the db using the BOLT protocol.

My question refers to when I am debugging something and I need to randomly run queries against the db to check my data.
On my local machine I just use the Neo4j browser but since I cannot do that on the Digital Ocean server without exposing security... then what do I use to do random queries on the db?

0 Kudos
Reply

Go to solution
tony_chiboucas
Neo4j
Neo4j
In response to garth_mountain

‎09-15-2020 01:05 PM

There's a lot of ways to do that. For security, my best advise is to keep it simple, and locked down.

Simple options:

  1. Again, make sure you've got good users and roles. Change the default bolt port. Use UFW (or similar) to lock it down. Turn it on temporarily when you're accessing.
  2. Reverse proxy. Change the bolt port and browser port localhost only. Then setup a reverse proxy to the browser port (:7474).

Trickier option

Replication.

Setup another machine as a read-only casual-cluster. If you're worried about people changing data, worry no more. If you're worried about people seeing the data, put it on a local, connected to your server via VPN.

Reply

Go to solution
garth_mountain
Node Link
In response to tony_chiboucas

‎09-20-2020 02:09 AM

May thanks, much appreciated.

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays