Neo4j: configuring the Community Edition on a cloud server

So I’ve been really plunging into data science work and have become somewhat of an aficionado of the different types of databases. I’m personally fascinated by neo4j and particularly its recent attempts to make pitches to data scientists - I definitely think my workflow might be improved with neo4j but I need to verify. I do my coding work in cloud servers so as to keep my personal computer tidy and also to help practice for hopefully getting an AWS certification or something, which means that “install neo4j for desktop” isn’t really an answer for this situation. (I would post this kind of question on StackExchange, it seems more on-topic there, but this sort of question appears to be being asked in here, and frankly StackExchange is terrifyingly unwelcoming.)

So, to explain the problem in simple terms: neo4j connects on two ports for the browser and the proprietary api, 7474 and 7687. Both of these ports should return some response from a browser query beyond just instant failure to connect, but that’s what I get - and 7474 should be returning a login screen to the administration panel.

I’ve installed this on cloud Linux setups across three providers: RHEL and CentOS 7 on AWS, OpenSUSE Leap on Google Cloud, and CentOS 7 on a Linode virtual private server. The former cases I followed best practices and kept them on a private subnet only accessible through an OpenVPN ingress on a public subnet within the virtual private network, and this was effective for everything except neo4j; I can ssh and access computers inside the private subnet fine, I can ping them, and I can even use my Chrome browser on OS X (where I’m running the OpenVPN client) to access the web server configuration for OpenVPN itself. It’s only neo4j that isn’t working. I want to note that I also installed the Kubernetes version of neo4j community running on a minimal Debian via AWS and a self-configured Google Cloud image of neo4j that was supposed to work “out of the box.” None of them did.

Above all my (highly insecure and to be removed from the Internet as soon as possible) Linode which allows direct incoming HTTP and HTTPS traffic also has precisely the same response as these cloud based solutions. Instant denial of any attempt to access the neo4j ports. Also please note I’ve confirmed neo4j is running, as a systemd service even, and the proper JDK is installed.

So far, I’ve used ufw to try to update firewall rules on the Linode which, I mean, succeeds insofar as I’ve updated firewall rules. I’ve tried this:

**ufw allow $7474**
Rule added
Rule added (v6)

Didn’t change a thing. And again, this Linode is dangerously insecure as it is. It doesn’t make sense to me that across 3 providers, two major security paradigms, and three different ways of installing the software, it would always fail the same way. Is anyone able to help me out?