Jump to content

This topic is 6527 days old. Please don't post here. Open a new topic instead.

Recommended Posts

This is a very generic query. We have been using FMP for about 12-18 months and are successfully using FMP over our company network. We are now looking at allowing access to some of our data over internet.

I am now wondering if FMP is an appropriate piece of software to perform what we are looking for. I want our clients to be able to log on and see their (and theirs only) individual record. It needs to be secure and would hold a few thousand records with any number of people wanting to gain access to their record at any time.

Obviously, I understand that this in itself is a massive topic, but initially I just want to know if it is feasible to use FMP to perform such a task.

Thanks

Link to post
Share on other sites
  • Replies 11
  • Created
  • Last Reply

Top Posters In This Topic

Thanks Anatoli, the link is the one for the old forum format. The thread is Security Loophole, started by Chazboi.

The new link seems to be (since I just searched and got it)???

http://www.fmforums.com/threads/showflat.php?Cat=&Board=UBB21&Number=19032&Forum=All_Forums&Words=chazboi&Match=Username&Searchpage=0&Limit=25&Old=allposts&Main=19032&Search=true#Post19032

Link to post
Share on other sites

Hi, can I suggest here that a "secure" (by web standards!) method would be with Webserver/WSC (or Lasoo) on a Firewall DMZ for public access and the database server inside the firewall on the local network. Open a route to the database server for only the webserver IP address.

In your format pages, only accept calls from the correct referring page and maybe use a nice secure method like server-side includes to deliver them.

You'll still have to address the issues of the kind of password verification you need for data security. If you're happy with the security, FileMaker can do just about any database serving you want

Link to post
Share on other sites

It will be secured with Lasso (until Chazboi or someone else crack it) but not secure at all with WC and/or WSC.

Until you can match every user with "exact" matches in Security Databases, which is not practical or possible at all, databases are easily "hackable".

The protection should exist at syntax level -- our solution of Security Filter or syntax programmable firewall.

Link to post
Share on other sites

This topic is 6527 days old. Please don't post here. Open a new topic instead.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.