unable to find db

[telemark]

Hi,

I have my db_.fp5 neatly installed on my host. Every second day on so I get a mesage about "Unable to find db_.fp5". The helpful staff at the host look at it, find nothing wrong and reset it. Nothing in their logs. Is this a known issue?

When I try to access db_.fp5 from a page on a secure server (ie https: address), I always get the "unable to find db_.fp5" (even when I accessed it seconds earlier on the http: server), followed by unable to find the format file https://xxx/correct_format_file.html

Any ideas?

[Garry Claridge]

Web Companion is not an HTTPS server. Hence, you will not find anything.

Hope this helps.

Garry

[telemark]

What are my alternatives? Is there a way around? Is there any documentation? I could not find anything on the Filemaker site. Does this mean that although the database is 'secure', all posting of data to it from a www based form is on public display? Wow!!

[Garry Claridge]

If you are using FM Unlimited and the WebConnector, I believe you can use whatever SSL is offered by the WebServer.

All the best.

Garry

[Will]

It sounds like two issues here.

1) you have a site/database that is already up and running but needs to be "reset" every two days or so. What exactly do you mean by "reset?" What O/S are you running?

2) Unless you have a seperate site/directory with SSL enabled you will never connect using HTTPS://filename.html - Are you trying to set up a secure site?

Will

[Anatoli]

And I do not understand the: "Does this mean that although the database is 'secure', all posting of data to it from a www based form is on public display? Wow!!" either.

[telemark]

I am trying to set up a secure site. SSL. It appears that I mistakenly assumed that FM Pro worked with https. If it does not I will have to find an alternative.

[telemark]

That is what I thought https was for. Secure encription of data posted to and from forms. If that does not occur, even if the db is 'secure' (ie, unauthorised access directly to data on the db), then the data is not secure because it can be accessed on its way to and from the db. Even if that is unlikely. Isn't that why we have SSL sites for e-commerce. I am certain that my customers don't want their data available in any method. Or am I missing something?

[scratchmalogicalwax]

SSL is controlled by your WebServer or WSC. This is all useless if you can circumvent all security and query the database direct (via WC - which you can, excluding anatoli's filter of course )

An easy, but relatively expensive way round this is to use Lasso and tell WC to only listen to Lasso server (in WC config) then WebSTAR (or your chosen webserver) will then control access via :443 (secure sockets layer). Many of the nasty things that you can do to someones' data with WC (or WSC and WC) alone can't be done with Lasso or can be stopped by it's vastly more advanced security and filters.

As far as I'm concerned if you are running e-commerce or b2b services with FMPro you can't afford not to run Lasso - in UK you can claim nearly 100% of cost back on tax anyway!

No computer connected permanently and especially statically to the internet is completely safe...credit card or national insurance numbers and bank details etc. should never be "stored" on machines connected to the internet.