Security Guide
Table Of Contents
- Chapter 1 About database security
- Chapter 2 Security “Top 10” list
- 1. Enhance physical security
- 2. Enhance operating system security
- 3. Establish network security
- 4. Devise a plan for securing your databases
- 5. Restrict data access with accounts and privilege sets
- 6. Back up databases and other important files
- 7. Install, run, and upgrade anti-virus software
- 8. Test your security measures
- 9. Assess, iterate, and improve security measures
- 10. Upgrade to FileMaker Pro 8 and FileMaker Server 8 for security enhancements
- Chapter 3 Build security into your solutions
Build security into your solutions 21
7. Consider the results of scripts.
• If a script includes a step to delete records, and a web user opens the file with an account that
doesn’t allow record deletion, the step to delete records won’t be executed. However, the
script might continue to run, which could lead to unexpected results. Consider enabling
Run
script with full access privileges
to allow scripts to delete records or perform other restricted
actions that users normally don’t have access to with accounts and privileges. You can also
restrict users from executing a specific script by modifying their privilege set and specifying
scripts that have
No access for particular users.
• Databases published on the web should include scripts that have no harmful effects if they are
executed by any web user. To see script steps that are not supported, open the script and select
the
Indicate web compatibility checkbox in the Edit Script dialog box. Dimmed script steps are
not supported on the web.
• If your scripts contain steps that are unsupported, for example, steps that are not web-
compatible like Send Mail, or that users don’t have privileges to execute, use the
Allow User
Abort
script step to determine how subsequent steps are handled. For more information, see
the
FileMaker Instant Web Publishing Guide, located in the Electronic Documentation folder
(inside the English Extras folder).
8. Do not store database files or any sensitive data in the FileMaker Pro Web folder (or sub-
folders).
9. Enable log files to track the IP address of users who are accessing your web published files (as
well as the date and time of requests, and other options).
10. With FileMaker Pro, you can limit access to users who use an IP address that you specify in
advance. When hosting files with FileMaker
Server Advanced, you can set limitations on client
IP addresses in the web server application.
Select Indicate web compatibility to dim script steps that are not web-compatible