HarperDB was set up to require very minimal configuration to work out of the box. There are, however, some best practices we encourage for anyone building an app with HarperDB.



HarperDB allows for managing cross-origin HTTP requests. By default, HarperDB enables CORS for all domains if you need to disable CORS completely or set up whitelisted domains you can do the following:

  1. Open the HarperDB settings.js file this can be found in HDB_ROOT/config, where HDB_ROOT is the location you specified during install.
  2. In settings.js there should be 2 entries: CORS_ON & CORS_WHITELIST. If these entries do not exist add them as described below:
    • CORS_ON
      1. To turn off CORS change to: CORS_ON=false
      2. To turn on CORS change to: CORS_ON=true
      1. The CORS_WHITELIST will only be recognized by the system when CORS_ON=true
      2. To create a whitelist you set CORS_WHITELIST to a comma-separated list of domains.
        i.e. CORS_WHITELIST=,
      3. To clear out the whitelist and allow all domains: CORS_WHITELIST=


HarperDB provides the option to use an HTTP or HTTPS interface. The default port for the server is 9925.


These default ports can be changed by updating the SERVER_PORT value in HDB_ROOT/config/settings.js.


By default HTTPS is turned off and HTTP is turned on.


You can toggle HTTPS and HTTP in the settings file. By setting HTTPS_ON to true/false. When HTTPS_ON is set to false, the server will use HTTP.


HarperDB automatically generates a certificate and a privateKey file which live at HARPERDB_ROOT/keys/.


You can replace these with your own certificate and key.


If any of these settings are changed please make sure to run harperdb stop && harperdb run as they will not take effect until a restart.