Re: [Neo4j] Blocking access to the Neo4j web admin interface
Thanks, on it! Will add a setting in the config files, too. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Fri, Sep 9, 2011 at 12:48 AM, Linan Wang tali.w...@gmail.com wrote: done. https://github.com/neo4j/community/pull/16 On Thu, Sep 8, 2011 at 11:21 PM, Michael Hunger michael.hun...@neotechnology.com wrote: Linan, your diff didn't make it could you just issue an pull request for that. And Peter should get you sign a CLA btw. Cheers Michael Am 08.09.2011 um 18:33 schrieb Linan Wang: tested the idea, it doesn't work. so i made simple changes to the server code and diff is attached. to change the binding ip of the webserver: add following line to conf/neo4j-server.properties: org.neo4j.server.webserver.address=127.0.0.1 On Thu, Sep 8, 2011 at 2:55 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: That sounds good. Could you try it and report back? Would love to add it to the manual and as a setting. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:34 PM, Linan Wang tali.w...@gmail.com wrote: since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
[Neo4j] Blocking access to the Neo4j web admin interface
I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
That sounds good. Could you try it and report back? Would love to add it to the manual and as a setting. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:34 PM, Linan Wang tali.w...@gmail.com wrote: since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
tested the idea, it doesn't work. so i made simple changes to the server code and diff is attached. to change the binding ip of the webserver: add following line to conf/neo4j-server.properties: org.neo4j.server.webserver.address=127.0.0.1 On Thu, Sep 8, 2011 at 2:55 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: That sounds good. Could you try it and report back? Would love to add it to the manual and as a setting. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:34 PM, Linan Wang tali.w...@gmail.com wrote: since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
Linan, your diff didn't make it could you just issue an pull request for that. And Peter should get you sign a CLA btw. Cheers Michael Am 08.09.2011 um 18:33 schrieb Linan Wang: tested the idea, it doesn't work. so i made simple changes to the server code and diff is attached. to change the binding ip of the webserver: add following line to conf/neo4j-server.properties: org.neo4j.server.webserver.address=127.0.0.1 On Thu, Sep 8, 2011 at 2:55 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: That sounds good. Could you try it and report back? Would love to add it to the manual and as a setting. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/- Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:34 PM, Linan Wang tali.w...@gmail.com wrote: since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/- Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
Re: [Neo4j] Blocking access to the Neo4j web admin interface
done. https://github.com/neo4j/community/pull/16 On Thu, Sep 8, 2011 at 11:21 PM, Michael Hunger michael.hun...@neotechnology.com wrote: Linan, your diff didn't make it could you just issue an pull request for that. And Peter should get you sign a CLA btw. Cheers Michael Am 08.09.2011 um 18:33 schrieb Linan Wang: tested the idea, it doesn't work. so i made simple changes to the server code and diff is attached. to change the binding ip of the webserver: add following line to conf/neo4j-server.properties: org.neo4j.server.webserver.address=127.0.0.1 On Thu, Sep 8, 2011 at 2:55 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: That sounds good. Could you try it and report back? Would love to add it to the manual and as a setting. Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:34 PM, Linan Wang tali.w...@gmail.com wrote: since neo4j just uses jetty, i think the simple solution would be add option in neo4j shell script: -Djetty.host=127.0.0.1 to make it only listen to local request. then use ssh tunnel to expose service to designated machines. On Thu, Sep 8, 2011 at 2:18 PM, Peter Neubauer peter.neuba...@neotechnology.com wrote: Hi there, you can block access to it by blocking the access to the URL (localhost:.../webadmin) and even /db/manage. That requires probably to set up apache and mod_proxy in front of the Neo4j server, but I think that is a good idea in production scenarios anyway. http://docs.neo4j.org/chunked/snapshot/operations-security.html Cheers, /peter neubauer GTalk: neubauer.peter Skype peter.neubauer Phone +46 704 106975 LinkedIn http://www.linkedin.com/in/neubauer Twitter http://twitter.com/peterneubauer http://www.neo4j.org - Your high performance graph database. http://startupbootcamp.org/ - Öresund - Innovation happens HERE. http://www.thoughtmade.com - Scandinavia's coolest Bring-a-Thing party. On Thu, Sep 8, 2011 at 3:08 PM, carze ca...@som.umaryland.edu wrote: I'm making use of the Neo4j REST API to power a website and was wondering if there was any way to block access to the web admin interface. Currently the DB is in read-only mode but the web admin panel is accessibly by anyone who can stumble upon the URL. -- View this message in context: http://neo4j-community-discussions.438527.n3.nabble.com/Blocking-access-to-the-Neo4j-web-admin-interface-tp3319626p3319626.html Sent from the Neo4j Community Discussions mailing list archive at Nabble.com. ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user -- Best regards Linan Wang ___ Neo4j mailing list User@lists.neo4j.org https://lists.neo4j.org/mailman/listinfo/user
