Support

Regarding the document "Web Publishing Security Guidelines" (PDF) (Updated 12/2002)

What is this document?

This document, "Web Publishing Security Guidelines" provides the most current procedures for using FileMaker security features when publishing databases on the web.

This document is the most current version of the "Web Security" PDF file for both FileMaker Pro 6 and FileMaker Pro 6 Unlimited. These Web Publishing Security Guidelines also provide information of interest to all users of FileMaker Pro, FileMaker Pro Unlimited and FileMaker Developer (6, 5.5 or earlier) who are publishing databases to the Web.

Why is this information being updated?

In an effort to help customers use the mechanisms available within FileMaker to secure databases published on the web, the procedures described in the original document have been updated. (The original document (Web Security.pdf) is located in the folder /Web/Web Security.)

FileMaker is continually evaluating security considerations and procedures for the FileMaker product line. This document contains the most current procedures and is subject to change without notice. Any and all updates of this document will be available for download from the FileMaker Web site.

Does this document apply to the 5.0 and 5.5 releases of FileMaker products as well as 6?

Yes, for the most part the procedures apply to all current product releases. Some features described require more current product releases, such as the cdml_format_files folder which was introduced in FileMaker Pro 6, and record-by-record access restrictions introduced with FileMaker Pro 5.5.

Note: FileMaker 5.0 Customers should ensure that they are using the latest version of the FileMaker Pro 5.0 Web Companion. In the most current version, the CDML variable tags -fmtfield, -mailfmtfield, and -errorfmtfield have been disabled because of the security risk they posed for databases published on the Web. See the FileMaker Product Updaters page for the latest updates to FileMaker products.

In which languages is this document available?

It is available now in English, and will be made available in the languages supported by FileMaker Pro: Dutch, French, German, Italian, Japanese, Spanish and Swedish.

Does this document include general information about web security? For example, will it help me implement Secure Sockets Layer (SSL) encrypted connections in my web solutions?

This update to the document includes considerations for general issues and some of the technologies available for managing security on the Web. However, the details and procedures provided in the document focus on the features available within FileMaker products to secure your database.

In order to manage other aspects of web security, you will also need an understanding of additional tools and technologies, such as third-party web servers (IIS or Apache). A variety of third-party software is available to increase the security of your system, such as firewall software. You should research the available offerings to determine whether they can help in your environment.

Where can I find resources and consultants to help me with considerations such as security in FileMaker solutions?

Visit our Support area for an array of customer care and technical support options, including reference materials, tools to help you locate consultants, and resources for sharing knowledge with FileMaker experts.

What do I do if I think I have discovered a security related problem in a FileMaker product?

Report the problem immediately to FileMaker, using our online "Report a Problem" form, or use one of our Technical Support resources.