[FX.php List] [OFF] Filemaker Web Security?

Head Honcho headhoncho at customikesolutions.com
Wed Sep 3 21:49:15 MDT 2008


Hi Joel

On 04/09/2008, at 5:19 AM, Joel Shapiro wrote:

> Hi all
>
> I just received the following question from the IT person at a  
> client of mine and I'm not sure what they're asking for.  Can  
> anybody offer me a clue on how to best respond?
>
> They wrote:
> "Given the number of web site compromises that have occurred, I am  
> wondering about Filemaker server security. Is there a security  
> notification service for Filemaker about vulnerabilities? I worry  
> about possible compromises to the web based FileMaker site on our  
> server."

I'd be asking the question "what web site compromises are you  
seeing?".  Whether you have FileMaker as your backend or something  
else, (eg mySQL) "shouldn't" make any difference.


>
> They are running FMSA9 & FX.php on Windows Server 2003 (one-machine  
> config).  The site has a valid SSL cert., the machine is behind a  
> firewall (such that you need VPN access to open the DB remotely), &  
> FMS has Secure Connections (SSL) enabled between FMS & the WPE.

All of this will mean that any data transmitted will be encrypted...  
and that non outside people can't access the DB directly without VPN  
access.  Which leads me back to the "what web site compromises are you  
seeing?"

>
>
> They've been up and running for over two years.  I upgraded them to  
> FMS9 over the summer, and they made sure their OS was fully up-to- 
> date beforehand.
>
> What kind of " security notification service" might they be looking  
> for?

I think the above may help in pointing you in the right direction...  
until you know what you're looking for, it's hard to find it!

Regards

Michael Ward
--
Head Honcho
CustoMike Solutions
Member, FileMaker Business Alliance
Member, FileMaker Technical Network
FileMaker 7 Certified Developer
FileMaker 8 Certified Developer
FileMaker 9 Certified Developer
10 Wandoo Crt
Wheelers Hill, 3150
ph 0414 562 501
headhoncho at customikesolutions.com




More information about the FX.php_List mailing list