How to open Neo4J Webadmin to remote control? - neo4j

I have installed a Neo4J instance on my server on port 7474. My domain is also using that server and I want webadmin to be used remotely with a username and a password like this:
example.com:7474
Is there a way to do that? I could not find any guideline in the Neo4J documentation.

Did you get a chance to go through Neo4j Server Configuration documentation? It says:
#allow any client to connect
org.neo4j.server.webserver.address=0.0.0.0
This line in conf/neo4j-server.properties is commented by default and limits access to port 7474 to localhost or 127.0.0.1 (which probably is the reason why things work for your domain using that server and accessing Neo4j over localhost). Uncomment that line and it should make port 7474 accessible to everyone i.e. 0.0.0.0.
In order to secure your Neo4j server with an Authorization layer, you might want to refer Securing access to the Neo4j Server documentation.

In my case on ubuntu the line to uncomment was
dbms.connector.http.address=0.0.0.0:7474
File location
Ubuntu: /etc/neo4j/neo4j.conf
Neo4j 3.0.6

Related

Neo4j setup in OpenShift

I am having difficulties deploying Neo4j official docker image https://hub.docker.com/_/neo4j to an OpenShift environment and accessing it from outside (from my local machine)
I have performed the following steps:
oc new-app neo4j
Created route for port 7474
Set up the environment variable NEO4J_dbms_connector_bolt_listen__address to 0.0.0.0:7687 which is the equivalent of seting up the dbms.connector.bolt.listen_address=0.0.0.0:7687 in the neo4j.conf file.
Access the route url from local machine which will open the neo4j browser which requires authentication. At this point I am blocked because any combination of urls I try are unsuccessful.
As a workaround I have managed to forward 7687 port to my local machine, install Neo4j Desktop solution and connect via bolt://localhost:7687 but this is not the ideal solution.
Therefore there are two questions:
1. How can I connect from the neo4j browser to it's own database
How can I connect from external environment (trough OpenShift route) to the Neo4j DB
I have no experience with the OpenShift, but try to add the following config:
dbms.default_listen_address=0.0.0.0
Is there any other way for you to connect to Neo4j, so that you could further inspect the issue?
Short answer:
To connect to the DB that is most likely a configuration issue, maybe Tomaž Brataničs answer is the solution. As for accessing the DB from outside, you will most likely need a NodePort.
Long answer:
Note that OpenShift Routes are for HTTP / HTTPS traffic and not for any other kind of traffic. Typically, the "Routers" of an OpenShift cluster listen only on Port 80 and 443, so connecting to your database on any other port will most likely not work (although this heavily depends on your cluster configuration).
The solution for non-HTTP(S) traffic is to use NodePorts as described in the OpenShift documentation: https://docs.openshift.com/container-platform/3.11/dev_guide/expose_service/expose_internal_ip_nodeport.html
Note that also for NodePorts, you might need to have your cluster administrator add additional ports to the loadbalancer or you might need to connect to the OpenShift Nodes directly. Refer to the documentation on how to use NodePorts.

neo4j database started via windows service not accessible remotely

I am setting up window service for my neo4j database. I am able to start that from service and I can do a http post cypher query using localhost. However, I can't connect to the neo4j db remotely.
If I start the neo4j db via neo4j Desktop, I can perform http post both locally and remotely.
When I compared the neo4j logs generated using service start vs neo4j desktop start, they are quite different but no error on the service one.
Any idea?
By default, Neo4j server is not accessible remotely.
You need to change $NEO4J_HOME/conf/neo4j.conf.
Find this line:
#dbms.connector.http.address=localhost:7474
And Replace it with:
dbms.connector.http.address=0.0.0.0:7474
Setting connector address to 0.0.0.0 makes it accessible remotely.

Neo4j 3.0 setup issues

With neo4j 2.3.x community edition I use to set the ip address to local host and change the port to allow multiple instances for development.
#org.neo4j.server.webserver.address=0.0.0.0
org.neo4j.server.webserver.port=7384
Upon starting the instance, I use to have a confirmation message with ip and port.
Starting Neo4j Server...WARNING: not changing user
process [28531]... waiting for server to be ready........ OK.
http://localhost:7384/ is ready.
I would then upload data using a shell script and cypher commands.
$neo/bin/neo4j-shell -path $neo/data/graph.db -file upload.cypher
With neo4j 3.0, the server setup slightly changed. I turned on HTTP connection, CSV import, and shell connection.
dbms.connector.http.enabled=true
dbms.connector.http.address=localhost:7384
dbms.shell.enabled=true
# dbms.shell.host=127.0.0.1
dbms.shell.port=1387
When I start the instance, I get the following message in which the port is not correct.
Starting Neo4j.
Started neo4j (pid 28718). By default, it is available at http://localhost:7474/
There may be a short delay until the server is ready.
Uploading data with the same shell script as for neo4j-2.3.x works well, no error message and I can see the data using neo4j-shell.
./neo4j-3.0.0/bin/neo4j-shell -path neo4j-3.0.0/data/graph.db
However, when I connect using host and port instead, I see no data. Furthermore, when I connect using the web interface, I see no data either.
./neo4j-3.0.0/bin/neo4j-shell -host localhost -port 1387
Is there anything wrong in my database setup?
Thanks!
In 3.0 the location of the datastore has changed. 2.x used data/graph.db, in 3.0 it's by default in data/databases/graph.db. So you want to change your setup script to:
./neo4j-3.0.0/bin/neo4j-shell -path neo4j-3.0.0/data/databases/graph.db

Remote connection to Neo4j server

I believe the way to creating a remote connection is by changing this line in conf/neo4j-server.properties, specifically by removing the comment and restarting the server.
org.neo4j.server.webserver.address=0.0.0.0
My URL is https://0.0.0.0:7473/browser/ and works on the local machine, but when I test the URL in Safari on iPhone over 3G, it cannot connect.
What do I set the address to in the properties file?
I thought it was the IP address of my computer, but after trying the remote address which I got from Googling “ip address mac” that didn’t work, nor did (obviously) the local IP address of my machine, 192.168.0.14
I should point out that setting it to the IP address from Google throws an error and the log reads:
2015-01-29 17:10:08.888+0000 INFO [API] Failed to start Neo Server on port [7474], reason [MultiException[java.net.BindException: Can't assign requested address, java.net.BindException: Can't assign requested address]]
With default configuration Neo4j only accepts local connections
In neo4j-community-3.1.0 edit conf/neo4j.conf file and uncomment the following to accept non-local connections
dbms.connectors.default_listen_address=0.0.0.0
By setting
org.neo4j.server.webserver.address=0.0.0.0
enables Neo4j on all network interfaces.
The remainder of that reply is not Neo4j related at all - it's regular networking. Double check if port 7473 (and/or 7474) are not blocked neither be a locally running firewall nor by your router. You local IP 192.168.0.14 indicates you're behind a router doing NAT. Therefore you have to setup a port forwarding in your router for the ports mentioned above.
Please be aware that this is potentially dangerous since everyone knowing your external IP can access your Neo4j instance. Consider using either https://github.com/neo4j-contrib/authentication-extension or use a VPN in favour of port forwarding.
in 3.0:
##### To have HTTP accept non-local connections, uncomment this line
dbms.connector.http.address=0.0.0.0:7474
Confused myself with the setting. Anyone who has the same problem, 0.0.0.0 just means “this server isn’t local any more” and so to access it you use the public IP address of the computer that’s hosting the Neo4j server.
Just make sure that the ports you set in the server properties (default are 7474 and 7473) are open for incoming connections on your router/firewall etc.
I think there's some confusion here. That configuration property org.neo4j.server.webserver.address is about which IP address the server you're starting listens on for external connections. Relevant documentation is here.
It seems you're asking how to configure your database to talk to a remote database. I don't think you can do that. Rather, by editing that file you're planning on running a database on the host where that file is. Your local database on that host will write files to wherever the org.neo4j.server.database.location configuration parameter points.
A remote connection is something that the neo4j shell might establish, or that you browser might make to a foreign server running neo4j; but you don't establish that sort of remote connection by editing that file. Hopefully this helps.
Also if you have ssh access to remote server with neo4j you can setup ssh tunnel to access it via localhost:
ssh -NfL localhost:7474:localhost:7474 -L localhost:7687:localhost:7687 yourname#yourhost
then type in browser:
localhost:7474
Depends on the version.
Look for the phrase 'non-local connections' in the conf file.(In my case, $NEO4J_HOME/conf/neo4j.conf)
Then follow the instructions in the comments.
In my case,
# With default configuration Neo4j only accepts local connections.
# To accept non-local connections, uncomment this line:
server.default_listen_address=0.0.0.0

How to view neo4j database on the hosted linode server

I am running standalone neo4j database server at localhost:7474 on a linode instance.
Is there any way to view this in the browser?
If you have SSH access to the Linode instance then you can run ssh -L 7474:localhost:7474 youruser#123.123.123.123 which will tunnel the remote port 7474 to localhost 7474. In your browser you can now use http://localhost:7474 to see the remote server without opening anything to the world.
You want what's called a "reverse proxy". Outside of your box, you can't talk about localhost:7474 as a hostname. So you want an external facing web server that "proxies" requests and sends them to localhost:7474.
One such option is Apache mod_proxy used as a reverse proxy. Examples on how to use it are behind the link. In general it's going to boil down to a configuration directive that looks something like:
ProxyPassReverse /neo4j http://localhost:7474
You also really want to read the documentation on securing the neo4j server.
WARNING - neo4j's web interface will let you do just about anything without authentication, including delete all of your data, change it, put new data in, and so on. It is a very bad idea to expose that functionality to the entire internet. So if you use a reverse proxy as suggested above, make sure you add some authentication layer (again you can do this with apache and mod_proxy) to permit just any random person from connecting to your instance and optionally deciding to trash it.

Resources