FileMaker 16 Security Guide: Best Practices for Configuring Security Options

FileMaker security overview

About this guide

FileMaker security features

System requirements

Security for solution developers


Authenticate users

Define privilege sets

Encrypt data

Limit access to the solution through layouts

Use functions, scripts, and script triggers to enhance security

Restrict references to a solution

Set a minimum client version

Enable plug-ins

Security for server administrators


Enable external authentication

Enable OAuth identity provider authentication

Limit the list of hosted solutions

Require passwords for hosted files

View log files

Disconnect idle users

Set up backups

Add administrators

Decide whether to permit the Perform Script on Server script step

Enable plug-ins in FileMaker Server and FileMaker Cloud

Ensure email notifications are secure

Security for IT professionals


Secure the machine running FileMaker Server

Install FileMaker Server components behind the firewall

Set up SSL encryption

Java security considerations

PHP security considerations

Replace the default web server page

Other security considerations

Apply updates regularly

Use strong passwords

Test security settings

Comply with regulatory requirements

Inform users

Additional resources

Quick reference guide for routine operations

Types of encryption used by FileMaker

Ports used by FileMaker Server