We have reset all users FileMaker related profile fields. Please take the opportunity to update your information,  this will provide background to members whom read your posts. Click here.

Jump to content
Sign in to follow this  
Matt Klein

WebDirect and HTTPS

Recommended Posts

Matt Klein    1

Now that I'm deeper into my WebDirect solution,  I've come across a question that I can't find a definitive answer for anywhere including forums and official FMI guides.   Doesn't mean it doesn't exist out there.  I've just not been able to find it.

Here it is:

If you want to ensure that data is passing between Web Direct and the browser securely(HTTPS) it seems like it is NOT necessary to turn on "Require Secure Connections" in the Database Server section of FileMaker Server.    It seems like all you need to do is make sure you use HTTPS instead of HTTP in the URL when accessing the WebDirect server.

However,  not turning on "Require Secure Connections" in the Database Server section of FileMaker Server will allow non-secure(HTTP) connections as well as secure(HTTPS).   Turning on "Require Secure Connections" seems to force the HTTPS connection and doesn't allow HTTP connections.



So,   the "Require Secure Connections" in the Database Server section of FileMaker Server doesn't handle the encryption from WebDirect to the browser.   Instead,  the "Require Secure Connections" in the Database Server section of FileMaker Server handles the encryption between the Database Server and the WebDirect server.   The encryption between WebDirect and browser is handled by the Web Server itself and it's merely a matter of using HTTPS or HTTP to determine if the data passing between WebDirect and the browser is encrypted.


Can anyone verify that I'm correct or wrong for that matter? 

Share this post


Link to post
Share on other sites
gozoinks    0

You seem to have it.

 

When this option is on, encrypted connections are required; when it is off, encryption is permitted but optional. Encryption is always available if you opt to use it, regardless of this setting. This is why both HTTP and HTTPS work for WebDirect, even with this option turned off.

 

With this setting enabled, FileMaker Server will not accept unencrypted connections. FileMaker clients (Pro, Go) can detect this and will switch to encrypted connections automatically. Your web server does not detect this, however, and it will not make the same switch. This is why turning this option on doesn't prevent your web server from listening on HTTP, but only HTTPS connections succeed.

 

You may want to configure your web server to redirect requests from HTTP to HTTPS, in order to eliminate any confusion for your users. There are lots of ways to do this. The simplest might be with an .htaccess file in your web root, if you're using Apache on Mac OS X. You can do it with IIS on Windows, also.

 

Now, while I'm on the subject… If you're making your WebDirect application available to the public Internet, you might consider implementing a reverse proxy server. A reverse proxy accepts connections from users on the Internet and forwards the requests to a server safely protected behind a firewall, so that people aren't connecting directly to your back-end database server. You can then require SSL for connections from the clients to the proxy, and you can use unencrypted connections from the proxy to the FileMaker server (where you can leave "Require…" turned off). This reduces the load on your FileMaker server by offloading encryption overhead to the proxy, which improves overall performance. If you were to go this route, you'd set up the HTTP->HTTPS redirect on the proxy server. Popular reverse proxies include HAProxy, Squid, and nginx. Cisco firewalls often have a facility for this as well.


For posterity, here's a link to the FileMaker Server 13 security guide:

 

http://help.filemaker.com/ci/fattach/get/104213/0/filename/security_guide_en_13_final.pdf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Similar Content

    • By Donald Clark
      I have a FileMaker server 13.v10 database solution that changed somehow during development and now does not display several WebDirect objects properly.
      For starters, the text shows up as white on a white background, which it did not do before.  We have been and are using the Cool Grey theme.
      Other problems with display:
      1.  3 value lists will not display:  One a regular list from a set of values, another list from a related layout, and a third a filtered list from another layout.  Another value list works normally
      2.  A picture in a container field (locally stored, not external yet) does not show.
      3.  A filtered, sorted portal does not show the records, nor are they accessible in the portal. The filtering and sorting are straightforward.
      We have tried several things to correct the issue:
      1.  Made a new layout, grouped everything together and paste it on the new layout.
      2.  Made a new layout and made the fields and portal from scratch.
      3.  Simplified and changed the relationships to the portal
      4.  Substituted simplified relationships for the value lists (just for testing.
      5.  Tried the db on FM Server 16 and made most of the changes above, nothing was different.
      6.  Used Dropdowns, Popups, and radio buttons, no change in behavior
      7.  We had FMDiff examine the db for corruption, but they found no problems, so file corruption is not an issue.  We also compacted the db in order to reindex all indexed fields, but that did not help.
       
      Everything works fine using FM client.  Only WebDirect has problems.
       
       
      A photo showing the problems on WebDirect is attached, as is a photo showing the fields properly displayed in FileMaker Client.  Please forgive the look and feel; the photos show the layout as we made changes and are troubleshooting.
      Has anyone seen this before?  Do you have any ideas how to fix it?
       
      Thanks for your help.


    • By xochi
      Suppose you have a WebDirect database that has both a [Guest] account and regular user accounts.  Is there any way with a special URL or JavaScript to do an automatic [Guest] login that bypasses the filemaker web direct login screen?
       
      Basically, I want to have a Public area of the site which never asks for authentication, and a members-only are which does, but I don't want to confuse the Public by making them click the [Guest] button ever.
    • By Morenomdz
      Hello there, I've set few text boxes per layout that work as "tutorials", with one button called "help" that changes one global field [tutorial] from Yes to No (and vice versa), commits the record.
       
      When the global field "tutorial" is set to yes, all the "text boxes" should hide, when it is set to no they should apear. It works perfectly in the fm client but when I got to the web even if I change the field to Yes or No in the client and save the record, the web still shows all the text boxes.
      It looks like the the "hide when" is simple not working. Using 
      table::tutorial = "yes"
      Did a test having the a tex field for the tutorial showing on the layout, it looks like the webdirect is not seeing the field content at all. It shows as empty on web and Yes or No on the client.
    • By jorfasan
      We have a development that if accessed by regular Filemaker Pro the button (via Open URL) that links to a document (word file) it does open the application (MS word) resulting a very satisfactory behaviour for users.
       
      But the same stuff when running with WebDirect the Chrome gets an 
      "not capable of opening the window; please deactivate the popup window blocker and try again". Well needless to say that that blocker is not active (under preferencies) and the IS manager of the net also verifies it is not blocked at her level. 
       
      Also firefox, same machine, is not able to open the application; in this case with no alarm / action at all. 
       
      Any clues??
       
      Thanks!!
       
       
      Client
      - Windows 7 professional, SP1 
      - Chrome: Versión 41.0.2272.118 m
      - Firefox:  36.0.4
      - FM Server: 13.0.5.520
       
    • By paul.s
      So, We have a unix admin working on our Mac OSX server. I specifically instructed them not to break our Filemaker 13 Apache install. Well it looks like they worked on the machine but broke one thing.
       
      Does anyeone know where I should look to fix this?
       
      What works:
      Webserver servers files fine from the Filemaker HTTP Folders.
      Filemaker WebDirect works fine.
      PHP is working.
      PHP is indicated as ON in FMSA Admin.
      Admin pages at http://localhost:16001/admin-consolework fine.
      Admin screen shows green on Webserver. Indicates PHP is enabled.
       
      This is the only thing that is not working:
      Previous PHP pages which has successfull connection to databases no longer connect to the database.
       
      I assume that a reference to filemaker somehow got removed from one of the php config files, but I don't know where.
       
      Can anyone give me an idea where to look?
×