mbarrett65

WebDirect -- how secure?

5 posts in this topic

I currently have a Filemaker 15 solution running on Filemaker Server 15 Advanced. We are currently accessing the solution on Webdirect via VPN connection. I would like to open ports 80/443 so that users could access the solution without connecting to VPN. However, my IT department has flagged security concerns. My question is how real the security concerns are. I know that Filemaker Server 15 Advanced should be encrypting the data. Would that make a non-VPN connection secure? Thanks for any advice.

Share this post


Link to post
Share on other sites

what were the security concerns that they raised?

 

There is a lot more to security than just using SSL to encrypt the data in transit.

Share this post


Link to post
Share on other sites

Thanks for your response. I think they felt the browser access via ports 80/443 would make the DB vulnerable to hacking. 

Share this post


Link to post
Share on other sites

Well you do shift the main outwards facing login from the VPN to WebDirect. I can imagine the IT department not liking to lose control. How safe your DB is then shifted to how safe you make your solution on FileMaker Server. Still if you secure it well, you should be fine. 

A couple of basic things to keep in mind:

1. Disable the FileMaker Server resources that you don't actively use: XML, ODBC and PHP api.

2. Use External Authentication to let the IT department be the administrator of the user accounts.

3. Be sure to remove all files without good account security ie. sample files or files with open guest access. Don't list open files without login.

Share this post


Link to post
Share on other sites

Thank you for these tips, much appreciated!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Similar Content

    • By Keawe
      Hello,
      I installed supercontainer on my Windows server at aws Amazon. I also installed the companion plug-in. It shows up on Filemaker Pro no problem. But it doesn't show on webdirect. Any idea?
      Here is my configuration:
      - FMS 15, Windows 2016 server. 
      - SuperContainer 2.94, build 9234.
      - I have the companion plugin put inside "..\FileMaker Server\Web Publishing\publishing-engine\cwpc\Plugins".
      - The plug-in I use is "SuperContainer_Companion_Plugin.fmx64".
      Thanks.
      P.S.: I will send an email to 360works. But just want to post it here so we can all share the solution. Thanks.
    • By animation_master
      FileMaker Pro 15 Launch Center connects to our AWS instance with no problem. But then it reports
      No files are currently hosted on AWS instancename.
      Well, there ARE files currently hosted. We access them via WebDirect, so they must be hosted.
      Moreover, when we launch a local copy of the file, FileMaker offers to open the remote copy with
      This file has previously been uploaded to FileMaker Server. Use Hosted Version?
      It even displays the proper address for the hosted file.
      However Use Hosted Version returns this error:
      The file “filename.fmp12“ could not be opened. (Extended privilege disabled)
      So, we created a privilege set that extended privileges for fmwebdirect, fmapp and fmxdbc.
      On the next launch of Remote Version, we got this:
      FileMaker cannot share a file because FileMaker network sharing is turned off.
      So, we turned on ODBC sharing, and on the next launch, we got this:
      FileMaker cannot share files because another user is already sharing files using FileMaker Pro on this computer.
      I’m going in circles here. Are these errors related? What am I doing wrong?
    • By hi-voltage
      What is Code-X?
      Code-X is a free FileMaker Developer Tool that lets you restrict features within your own demo FileMaker Solutions and unlocking them for paying customers with license codes.
      We used to charge AU$450 (US$350) for Code-X but are now giving it away for free to the FileMaker community.
      So what can you do with Code-X?
      Add 30-day trial periods Restrict features within your demo solutions Limit the number of records unregistered users can create Limit the number of users that can use your solution Create different tiered licenses such as Basic and Pro Add nag dialogs to prompt unregistered users to register Lock your paid solution to a device to prevent piracy Generate and issue license codes that unlock your FileMaker solutions for paying customers More Information
      To download the latest version, or for more information visit:
      FileMaker Developer Tool - Code-X
      Code-X was developed by Hi-Voltage, you can visit our site here:
      FileMaker Programer Melbourne
      Checkout our other FileMaker related products and services here:
      FileMaker Products and Services

       

       
       
       
       
    • By hi-voltage


      View File Code-X - FREE FileMaker Developer Tool
      What is Code-X?
      Code-X is a free FileMaker Developer Tool that lets you restrict features within your own demo FileMaker Solutions and unlocking them for paying customers with license codes.
      We used to charge AU$450 (US$350) for Code-X but are now giving it away for free to the FileMaker community.
      So what can you do with Code-X?
      Add 30-day trial periods Restrict features within your demo solutions Limit the number of records unregistered users can create Limit the number of users that can use your solution Create different tiered licenses such as Basic and Pro Add nag dialogs to prompt unregistered users to register Lock your paid solution to a device to prevent piracy Generate and issue license codes that unlock your FileMaker solutions for paying customers More Information
      To download the latest version, or for more information visit:
      FileMaker Developer Tool - Code-X
      Code-X was developed by Hi-Voltage, you can visit our site here:
      FileMaker Programer Melbourne
      Checkout our other FileMaker related products and services here:
      FileMaker Products and Services

       

       
       
       
       
      Submitter hi-voltage Submitted 03/21/2017 Category Solutions FM Version FM Version: Not Applicable  
    • By pcognetti
      Sorry for my poor english
      I made an application in FM15 that is used on the Web
      The application shows some HTML paginated data and then print with the print command of the browser used.
      I have no problem with Safari and Chrome, while Firefox will not let me see the contents of the Web Viewer.
      In the web viewer content is so:
      "Data: text / html,
      <Html>
      <Head>
      .
      .
      .
      .
      </ Html>
      "
      Firefox in the web viewer frame does not see anything
      if I open the source of the frame it makes me see the HTML text content but it does not render HTML
      Some idea?
      Paolo Cognetti