Jump to content
View in the app

A better way to browse. Learn more.
FMForums.com

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Filemaker 19.4.1 remote admin console access

jaboda
in FileMaker Server 19

Featured Replies

 

I am an accidental early adopter of Filemaker Server 19.4.1 - something I don't make a habit of.

One of the new features in this version of Filemaker Server is remote access to the Admin Console. This is great if you want that functionality, but if you have an internet-facing server then you probably...don't.

It seems Claris put in an undocumented way of disabling this new functionality.

In HTTPServer\conf is web.config (at least on Windows). This contains the following commented out section: 

        <!-- Admin Console restriction access
        To grant remote access for Admin Console, you can uncomment the following with IP address -->
        <!-- <rule name="fac_restrict" patternSyntax="Wildcard" stopProcessing="true">
          <match url="*"/>
          <conditions>
            <add input="{URL}" pattern="*admin-console*" />
            <add input="{REMOTE_ADDR}" pattern="<IP-Address-to-Grant_Access>" negate="true" />
          </conditions>
            <action type="CustomResponse" statusCode="403" statusReason="Forbidden: Access is denied." statusDescription="You do not have permission to view this directory or page using the credentials that you supplied." />
        </rule> -->

Simply uncomment this section and change the <IP-Address-to-Grant_Access> to 127.0.0.1 and restart Webdirect/the server. You can also change it to a 404 error, which is even better.

Hope this helps people facing a similar issue with this new feature.

  • 8 months later...
  • Author

This has slightly changed in 19.5.2. The commented out section has been removed, and re-adding it doesn't work.

To stop remote access for the Admin Console on Windows Server do the following:

  1. Open IIS Manager and navigate to FMWebSite.
  2. Select URL Rewrite.
  3. Locate the 'fac' rule and add a condition with the Input {REMOTE_ADDR} and the pattern 127.0.0.1.
  4. Click Okay and hit Apply.

This also has the benefit of applying instantly. It also doesn't require editing config files which some are uncomfortable with.

Edited by jaboda

  • 5 months later...
  • Author

Since 19.6.1 this has now been resolved.

From the release notes:

Quote

  • You can now restrict access to Admin Console and the Admin API by IP address in the following places.

    • Admin Console: Administration > Restrict Access

    • FileMaker Admin API:

      • Get Restrict Access Settings: GET /server/restrictaccess.

      • Update Restrict Access Settings: PATCH /server/restrictaccess.

    Note: The IP address 127.0.0.1 is always allowed for Admin Console access.

 

Create an account or sign in to comment

https://fmforums.com/topic/108407-filemaker-1941-remote-admin-console-access/
Go to topic listing

Important Information

By using this site, you agree to our Terms of Use.

I accept

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.