HarperDB was set up to require very minimal configuration to work out of the box. There are, however, some best practices we encourage for anyone building an app with HarperDB.



HarperDB allows for managing cross-origin HTTP requests. By default, HarperDB enables CORS for all domains if you need to disable CORS completely or set up whitelisted domains you can do the following:

  1. Open the HarperDB settings.js file this can be found in HDB_ROOT/config, where HDB_ROOT is the location you specified during install.
  2. In settings.js there should be 2 entries: CORS_ON & CORS_WHITELIST. If these entries do not exist add them as described below:
    • CORS_ON
      1. To turn off CORS change to: CORS_ON=false
      2. To turn on CORS change to: CORS_ON=true
      1. The CORS_WHITELIST will only be recognized by the system when CORS_ON=true
      2. To create a whitelist you set CORS_WHITELIST to a comma-separated list of domains.
        i.e. CORS_WHITELIST=,
      3. To clear out the whitelist and allow all domains: CORS_WHITELIST=


HarperDB provides both HTTP and HTTPS interfaces. The default port for HTTP is 9925 and the default port for HTTPS is 31283.


These default ports can be changed in HDB_ROOT/config/settings.js


By default HTTPS is turned off and HTTP is turned on.


You can change the port for HTTP with HTTP_PORT and the port for HTTPS with HTTPS_PORT.


You can turn on and off HTTPS and HTTP here in the settings file. By setting HTTPS_ON to true/false and HTTP_ON to true/false.


HarperDB automatically generates a certificate and a privateKey file which live at HARPERDB_ROOT/keys/.


You can replace these with your own certificate and key.


If any of these settings are changed please make sure to run harperdb stop && harperdb run as they will not take effect until a restart.