36 FileMaker Pro Web Publishing Security Guidelines
Note
All fields that you have set with the
ExactSearch, ExactUpdate,
or
ExactDelete
field restrictions
must be present in the HTML form or script that specifies the search action. For example, if two
fields are specified in the Web Security Database with these field restrictions, but only one of the
fields is on the search page, then an error is generated when a web user attempts a search.
Changing Web Security settings remotely from the Web
Using the Web Security Database HTML files, you can make changes to the Web Security
Database permissions and field restrictions remotely from your web browser. Changes made this
way do not require restarting FileMaker Pro, disconnecting your web server, or disrupting your web
server's performance.
Consider using SSL to secure remote administration communications (which will contain database
names, user IDs and passwords) in order to prevent other Internet users from obtaining this
information. See Secure Sockets Layer (SSL) security for Custom Web Publishing on page 7 for
more information.
To remotely change Web Security Database settings:
1.
Move the Security folder and its contents from the Web Security folder (inside the FileMaker
Pro folder) into the root level of the Web folder.
This enables the Web Companion to serve the Security HTML pages on the Web.
2.
In the
Remote administration
area of the Web Companion Configuration dialog box, make sure
that
Requires password
is selected and a password is entered in the box. (See Enabling the Web
Security Database on page 30.)
Note
Although remote administration can be enabled for use without a password, such use is
absolutely
not
recommended.
3.
In your web browser, type the IP or DNS address for the computer where the Web Security
Database is open, and type
/Security
.
For example, type
/Security
whereis the IP address
of the host machine. This enables the Web Companion to display the default.htm file that's located
inside the Security folder.