diff --git a/public/conf_notls/neo4j.conf b/public/conf_notls/neo4j.conf
index 2bde2bf1..6f1cd160 100644
--- a/public/conf_notls/neo4j.conf
+++ b/public/conf_notls/neo4j.conf
@@ -205,7 +205,8 @@ server.http.enabled=true
 # Determines if Cypher will allow using file URLs when loading data using
 # `LOAD CSV`. Setting this value to `false` will cause Neo4j to fail `LOAD CSV`
 # clauses that load data from the file system.
-#dbms.security.allow_csv_import_from_file_urls=true
+dbms.security.allow_csv_import_from_file_urls=false
+dbms.security.allow_file_urls=false
 
 
 # Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS
diff --git a/public/conf_tls/neo4j.conf b/public/conf_tls/neo4j.conf
index 6c22a0f7..64d26448 100644
--- a/public/conf_tls/neo4j.conf
+++ b/public/conf_tls/neo4j.conf
@@ -205,7 +205,8 @@ dbms.ssl.policy.https.public_certificate=neo4j.cert
 # Determines if Cypher will allow using file URLs when loading data using
 # `LOAD CSV`. Setting this value to `false` will cause Neo4j to fail `LOAD CSV`
 # clauses that load data from the file system.
-#dbms.security.allow_csv_import_from_file_urls=true
+dbms.security.allow_csv_import_from_file_urls=false
+dbms.security.allow_file_urls=false
 
 
 # Value of the Access-Control-Allow-Origin header sent over any HTTP or HTTPS