Jump to content

Search the Community

Showing results for tags 'security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Claris Engage Vendor Discounts

Community Forums

  • The New Claris Platform
  • Community Resources
    • Community Articles, Tips, & Techniques
    • FileMaker Marketplace Discussions
  • FileMaker Platform
    • FileMaker Interface Features
    • FileMaker Schema & Logical Functions
    • FileMaker Go for iPad and iPhone
    • FileMaker and the Internet
    • FileMaker Pro 19
    • FileMaker Pro 18 Advanced
  • FileMaker Server Administration
    • FileMaker Server 19
    • FileMaker Server 19 (Linux)
    • FileMaker Cloud
    • FileMaker Custom SSL Certificates
    • oAuth and External Server Authentication
    • Zabbix Server Monitoring
    • Previous Version Server Discussions
  • JavaScript Integration
    • Java Script and the Web Viewer
    • Carafe.FM
    • Widget Studio
  • Brain Food
    • Security Concepts
    • The Left Brain
    • Upgrading & Migration
    • Data Analysis
    • Development Standards
    • The Separation Model
    • Relational Database Theory
    • Damaged / Corrupt File Problems
    • Hardware & Networking
    • Product Ideas
  • FMForums Affiliates & Sponsors
    • Productive Computing Support Forums
    • 360 Works Official Product Support Forums
    • Geist Interactive Product Support Forums
    • FileMaker Vendors
    • FileMaker Training Resources
  • FileMaker Classifieds
    • Announcements of FileMaker Product, Services or Resources
    • Classifieds
    • Tools Of The Trade
  • FM Forums Operations
    • FM Forums Feedback & Site News
  • FileMaker Friday Night Chat's Topics


  • Captain's Blog
  • FileMaker Weetbicks
  • FileMaker Security Blog
  • The FileMaker Rift
  • HOnza's Bits @ FMForums
  • SeedCode
  • FileMaker Hacks
  • Skeleton Key's Blog
  • Wing Forward Solutions
  • 360Works Articles and Tutorials
  • GoBillit
  • Filemaker - an amateur's view
  • Linear Blue
  • Surya Kanta Mekap's Blog
  • eXcelisys' Blog
  • Manjit Behera
  • Blue Feather's Blog
  • RCC's FileMaker News and Bits
  • Thorsen Consulting
  • DB Services Blog
  • FileMaker Magazine
  • Eye on FileMaker
  • Dev Talk
  • The Philosophy of FileMaker
  • 1-more-blog
  • Productive Computing
  • Geist Interactive
  • Soliant Consulting


  • White Papers
  • Infographics
  • Samples
  • Add-ons
  • FMGo
  • Solutions
  • Tutorials
  • Plug-Ins

Product Groups

  • Workplace Innovation Platform
  • Site Advertising
  • Development & Hosting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start







Website URL




OS Version

  1. Ever considered what would happen if your data was breached? Take the first step to prevent a breach by securing your application by reviewing our checklist. Includes checklist and YouTube video. FileMaker Safety Checklist
  2. With the focus on protecting data these days it's nice to see FileMaker improvement of security. Learn more here, video included! FileMaker 15 Security Enhancements David Happersberger www.dbservices.com
  3. Frequent FileMaker Go user? Learn more about FileMaker Go Touch ID and 3D Touch adding more security and convenience to your FileMaker experience. Video included! FileMaker Go Touch ID & 3D Touch David Happersberger www.dbservices.com
  4. FileMaker is constantly improving the security features of the FileMaker platform to better serve its users. Learn about new field-level encryption functions, and account authentication with Amazon, Google, Microsoft Azure Active Directory via OAuth. FileMaker 16 Security Features David Happersberger dbservices.com
  5. View File Code-X - FREE FileMaker Developer Tool What is Code-X? Code-X is a free FileMaker Developer Tool that lets you restrict features within your own demo FileMaker Solutions and unlocking them for paying customers with license codes. We used to charge AU$450 (US$350) for Code-X but are now giving it away for free to the FileMaker community. So what can you do with Code-X? Add 30-day trial periods Restrict features within your demo solutions Limit the number of records unregistered users can create Limit the number o
  6. Hi All, I added security to limit the DataAPI user from accessing certain records, with the limited option. I tested this while running these files on my HD no server. Worked like a charm. After moving the files to FMServer the DataAPI account can access all record in the table all of a sudden. Any thoughts as to why this is happening? Kind regards, Joost
  7. Hi - I'm developing a business solution to be hosted on FM Server. It will be hosted on Soliant Cloud. This is my first time developing for Server. I read Steven and Wim's whitepaper on FM 16 security, which was very helpful. In the past, when I've created upgrades to my solution, I've imported data from the previous version into the new one. Each update is a modified version of the previous file. I read about the benefits of using File Access Protection. My solution is a single file solution so I can basically exclude any other file having access - except I'm not sure what impac
  8. We are working on a process for passing certain info nuggets out of a solution (FMP 13) in an encrypted method. For various reasons a version upgrade isn't feasible. So the plan is to encrypt the nuggets, then pass them into a format for transport. Currently, we're using Applescript to pass the particular fields into an AES-256-CBC encryption process in a calculated Applescript step, as follows : The problems which concern me here: 1. The password is "traveling" into Terminal in plaintext. Is there a way this can be viewed during the process (a 'ps' or so
  9. Our institution is now requiring PHI-containing databases to log not just modifications to records, but to log every access/viewing of any record. They want to be able to respond to the question "Who has looked at my medical record, even with no change to the record?". I am not aware how to achieve this with FM, do any of the add-on programs have such features? I am facing the forced elimination of a critical database, built over 15 yrs, if this cannot be achieved. Thanks for any suggestions.
  10. Hi, I've just upgraded to Filemaker Server 16 and installed an SSL certificate for client/server communications. However, I am confused by the documentation when it comes to communication between the Server and the Filemaker XML API. We're currently making these calls from another server over http, and would like to ensure they are secure. I've attempted changing these requests to be over https but this seems to fail - I haven't investigated where exactly (if it's a limitation of the PyFilemaker Python library we're using or the fact that the connection is not actually secure). Would
  11. Version 1.0.0


    What is Code-X? Code-X is a free FileMaker Developer Tool that lets you restrict features within your own demo FileMaker Solutions and unlocking them for paying customers with license codes. We used to charge AU$450 (US$350) for Code-X but are now giving it away for free to the FileMaker community. So what can you do with Code-X? Add 30-day trial periods Restrict features within your demo solutions Limit the number of records unregistered users can create Limit the number of users that can use your solution Create different tiered licenses such as
  12. greetings all! A question for the network security gurus: I have Supercontainer running in standalone mode. My router has port forwarding to the machine (Mac-mini). My credit card vendor requires security IP address scans and I am failing due to the port forwarding on the router. what is best practice? I am using a router flashed with Tomato Shibby.
  13. Hi All. I'm trying to understand how this works in my environment. We have Filemaker 13 Server, with FM Pro and FM Pro Adv clients. We are in a Windows Server 2012 Domain. So if I get an Ipad and connect it to the network, then download and install FM go, how does it connect to the FM server? will there be a problem with the Domain? The Ipad doesn't join the domain. Since it isn't joined, it also wouldn't be able to access the fileserver to view PDFs on the fileserver. is this correct? Extra question non-FM. What concern do you have with the Ipad being hacked? The Ipad
  14. I currently have a Filemaker 15 solution running on Filemaker Server 15 Advanced. We are currently accessing the solution on Webdirect via VPN connection. I would like to open ports 80/443 so that users could access the solution without connecting to VPN. However, my IT department has flagged security concerns. My question is how real the security concerns are. I know that Filemaker Server 15 Advanced should be encrypting the data. Would that make a non-VPN connection secure? Thanks for any advice.
  15. Our university hospital IT is mandating that all Mac servers that contain PHI be encrypted using FileVault. There is a longstanding and strong recommendation by FMI and posts on this board advising against this for FM server, although there are also some dissenting voices. The relevant passage on the FM Knowledge base pages (http://help.filemaker.com/app/answers/detail/a_id/9650) reads: "FileVault: FileVault is a feature that performs on the fly encryption and decryption of data on your hard drive.. However, this added level of security requires additional processing power. Becaus
  16. I am sure this is one of those simple ones… that has me bamboozled for nearly 2 days now. I need to limit access of my users viewing only a limited set of "Company" records after they log in. The companies that they are allowed to see are listed in each respective user's profile. My opening script goes to the user's profile and creates a global variable for each company that they are allowed to view. When I go to the "Manage Security > Edit Privilege Sets > Records > Custom Privileges > Limited > Script", and use any of those variables (e.g. $$Company01"), the rec
  17. I must be doing something wrong here - I can't get record access privileges working right. I am trying to limit viewing of the Teachers table to the currently logged in teacher. I have a Teacher Privilege Set and all teachers are assigned this set. I have Custom Privileges set for Records. On the Teachers table I have Limited set on the View privilege. My calculation is 'Login = Get(AccountName)' where Login in a field that holds the login name. No records are accessible, all fields just say <No Access>. Using Data Viewer I have double checked to make s
  18. I've been researching how people handle logins for WebDirect and my head is swimming with contradictory information. On my existing website I have 1,775 users. Their account information is stored in a mySQL database. The account information is little more than username, password, company name, and real name. For the new WebDirect site, I was originally planning to autologin to the file using an account that only had access to the login screen. Then, use custom dialogue to allow the username and password to be entered. I'd use the username as a relationship between the global and the
  19. [ Edit: 3/16/2016 - With the help of some other people, we have been able to recover, or recreate some of the original images from original thread. ] Security is always a big topic when it involves data, or people, or possessions. Recently, over on the FileMaker Community, there was a very beneficial discussion regarding security. Unfortunately, that discussion was the victim of a necessary action...and was deleted. It was deleted, because the discussion was tied to a video that, as was determined throughout the thread, was not beneficial to the overall community of FileMaker users and de
  20. Hi, My FM database is using AD to determine whether a user has access to the db or not. Once logged in, I've used a set of tables & relationships to identify whether the user sees particular layouts, records within tables etc. This has been fine for the small number of teaching staff that have been accessing it to date. However, I'm now looking at expanding the db so that students are able to access it too. However, I really don't want to maintain a table with student accountnames (1500 students) in order to identify them as a student instead of a member of staff (default home pa
  21. I've currently developed a database using the data separation model whereby I have an interface file, and a database file. The interface file is held locally on each computer using the database, and the database file is held on a server. There are going to be 3 - 5 different organisations all contributing data to the main database, but ordinary users should only have access to the data created by their organisation. Some "super-users" will have access to the combined data from all organisations. I currently have lots of reports which cycle through the database, analysing specific parts of
  22. I'm trying to take a different approach to Roles and Script Access in a solution that a bit more flexible to change and create roles via the UI, not FMs native security. While "Hide Object When" is very useful, it's not always practical especially when there are multiple roles and it's not easily maintained across a system. Conceptually what I'm thinking is: Every button is attached to a script the script attached to the button is used for navigation, to perform a task, or combination of both these script are ONLY attached to a button and never called from withi
  23. I am running a script with full access privileges the last line of which is intended to check a found set. When the script gets to that step it says I dont have the access privileges to correct a spelling error in a record. My research to date told me that a script running with full access would override the security setting in the privilege set. Is this an exception or is there more to it? Putting "exit script" on the end solved the issue, as at presently advised
  24. I have created a webclip for iOS with a FMP Url with the format FMP://username:password@myserver.com/mydatabase.fmp12 I have the extended privilege set to: fmreauthenticate0 to make testing easy upon first launch, it works correctly. When I press the home button on the device.. I wait 10 seconds and then I launch from the URL/Webclip I am prompted for login credentials(This shouldnt be because I am passing the credentials in via the URL. If I press cancel as the login screen, it seems to work just continue as it should with the login credentials. I am getting some complaints and confusion f
  25. I have a simple dashboard portal using SELECTOR (global) -> CONNECTOR (table::ID). I have noticed that the portal does not display records even though the global selector has IDs populated (global can be seen in data viewer), but this occurs only for a non-Full Access group of users and only when hosted on a remote FM Server (third party host). I have tested the counter approaches to both of those conditions (access rights, local v server) and shown that it works in all other ways: when copied to local machine, the particular user group see the expected records in the portal fine. when
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.