FileMaker 2024 Server Q&A with Wim Decorte and Jacob Taylor

Wim Decorte, Jacob Taylor, Jun 11, 2024,

In this blog post, we take a deep dive into the FileMaker 2024 Server (also known as FileMaker 21) Q&A session featuring experts Wim Decorte from Soliant Consulting and Jacob Taylor from RCC. This session provided a comprehensive look at FileMaker Server’s latest features, performance optimizations, and essential security practices. The discussion covered key topics such as SSL certificates, caching strategies, Linux vs. other platforms, performance tuning, and security updates. Below, you’ll find an in-depth breakdown of each section covered, plus practical advice for optimizing and securing your FileMaker Server setup.

Menu

1. Introduction
2. Overview of FileMaker 2024 (Version 21)
   • What’s New in FileMaker 2024
   • Clarification on Naming
   • Release Cycle Implications
3. Server Performance Optimization
   • Understanding Cache Settings
   • Memory Allocation Best Practices
   • Monitoring Server Performance
   • WebDirect and Worker Machines
   • Choosing the Right Hardware
4. SSL Certificates and Security
   • Understanding SSL Trust Indicators
   • Setting Up SSL Certificates
   • Let’s Encrypt Integration
   • Managing Intermediate Certificates
   • Linux as the Premier Platform
5. Understanding FileMaker Server Processes
   • Breaking Down FileMaker Server Components
   • Memory Usage Across Processes
   • Importance of Load Balancing
6. FileMaker Server Security Best Practices
   • Patching and Updates
   • Understanding Full Access Privileges
   • Risks of Custom Security Systems
   • New Security Features in FileMaker 2024
   • Disabling the Guest Account
7. Tips for Troubleshooting FileMaker Server
   • Reading Log Files
   • Analyzing Server Stats
   • Optimizing Scripts for Performance
8. Claris Cloud and FileMaker Hosting
   • Advantages of FileMaker Cloud
   • AWS Integration with FileMaker
   • Claris ID and Compliance
9. Q&A Highlights
   • Top Questions from the Community
   • Answers from Wim and Jacob
   • Expert Recommendations
10. Final Thoughts
11. Resources and Further Reading

Introduction

The FileMaker 2024 Server Q&A session brought together two of the most knowledgeable experts in the FileMaker community—Wim Decorte and Jacob Taylor—to discuss the latest version of FileMaker Server. This session was particularly valuable for developers, IT professionals, and anyone responsible for maintaining FileMaker Server environments. The discussion ranged from new features and security practices to performance tuning and common pitfalls. Here’s a comprehensive breakdown of the topics they covered.

Overview of FileMaker 2024 (Version 21)

What’s New in FileMaker 2024

FileMaker 2024, also known by its technical version name FileMaker 21, brings a host of new features and improvements aimed at enhancing security, performance, and usability. Key highlights include:

• Improved SSL certificate management, including integration with Let’s Encrypt.
• Performance optimizations, particularly for Linux environments.
• Better logging options, now enabled by default.
• Enhanced security features, including fixes for previously exposed vulnerabilities.

Clarification on Naming

• FileMaker 2024 is the marketing name, while FileMaker 21 is the technical version number. This distinction is important for developers who may refer to the technical version in documentation or troubleshooting scenarios.
• Both names are often used interchangeably, but knowing the version number helps in understanding compatibility and feature sets.

Release Cycle Implications

The shorter release cycle adopted by Claris means that updates and new features are rolled out more frequently, making it critical for administrators to stay on top of the latest patches and best practices.

Server Performance Optimization

Understanding Cache Settings

A significant part of the Q&A focused on database cache settings, which can greatly influence performance:

• FileMaker Server’s database cache is not dynamic. It reserves a set amount of RAM that is not shared with other processes.
• Higher cache sizes can improve performance, but setting it too high might starve other processes or the operating system.

Memory Allocation Best Practices

• Balance your RAM usage: Don’t allocate all available RAM to the database cache. The server needs sufficient memory for other processes.
• Use FileMaker Server logs to determine if the current cache setting is sufficient:
  • Aim for a cache hit percentage above 95%.
  • Keep cache unsaved percentage below 5%.

Monitoring Server Performance

• Utilize the Stats log to keep an eye on server health. Metrics like cache hit percentage and cache unsaved percentage are key indicators.
• Monitor CPU and disk activity to detect potential bottlenecks.

WebDirect and Worker Machines

For environments with heavy WebDirect usage, it’s recommended to use worker machines to balance the load:

• A worker machine offloads WebDirect processes, improving stability and performance for larger deployments.
• Consider a worker machine when you exceed 5 concurrent WebDirect users.

Choosing the Right Hardware

• Claris recommends Linux as the primary platform for FileMaker Server due to faster development cycles and priority for new features.
• For small to mid-sized deployments, ARM-based servers like Amazon’s Graviton2 are a cost-effective choice.
• For larger installations, invest in SSD storage and multi-core CPUs to handle higher workloads.

SSL Certificates and Security

Understanding SSL Trust Indicators

SSL certificates are crucial for securing data:

• A green lock indicates a fully trusted and encrypted connection.
• An orange or yellow lock may signal missing intermediate certificates, leading to a partial lack of trust.
• A red lock means no SSL encryption is present, exposing your data to potential threats.

Setting Up SSL Certificates

• Use trusted providers for SSL certificates, such as Comodo or Digicert.
• Utilize tools like ssls.com to purchase certificates, but download the intermediate bundle from the certificate authority’s website.

Let’s Encrypt Integration

FileMaker 2024 introduces Let’s Encrypt integration, allowing:

• Free SSL certificates with automated renewals every 90 days.
• Simplified SSL management for environments running on Linux.

Managing Intermediate Certificates

To ensure a complete SSL trust chain:

• Always download and install the intermediate certificate bundle from your certificate provider.
• If the intermediate bundle is missing, your SSL may not be fully trusted.

Linux as the Premier Platform

• Linux is now considered the primary platform for FileMaker Server. New features are often rolled out to Linux first, with other platforms following.

Understanding FileMaker Server Processes

Breaking Down FileMaker Server Components

FileMaker Server is a collection of eight separate processes that handle different tasks:

• Database Engine
• Web Publishing Engine
• Admin Console
• Data API
• Worker Processes (WebDirect)

Memory Usage Across Processes

Each process requires its own memory allocation. Be cautious when increasing the database cache, as it may deprive other processes of the resources they need.

Importance of Load Balancing

For high-traffic environments, consider load balancing between multiple servers. This can improve redundancy and handle higher user loads without compromising performance.

FileMaker Server Security Best Practices

Patching and Updates

• Always run the latest version of FileMaker Server to ensure you have the latest security patches.
• Recent updates (like FileMaker 21) addressed vulnerabilities that could expose the Manage Database Dialog unexpectedly.

Understanding Full Access Privileges

Avoid overuse of full access privileges in scripts:

• Scripts running with full access can perform any action, even if the user does not have permission.
• Minimize the use of this setting to avoid security vulnerabilities, especially during import operations.

Risks of Custom Security Systems

Roll-your-own security systems are often a bad idea:

• They are prone to human error and may not be as robust as FileMaker’s built-in security.
• Use FileMaker’s privilege sets and security settings instead of creating custom login systems.

New Security Features in FileMaker 2024

• Improvements to Manage Database Dialog access ensure that users cannot inadvertently access areas they shouldn’t, even with full access scripts.
• FileMaker 2024 has tightened its security model, particularly for client-side interactions.

Disabling the Guest Account

• Always disable the Guest Account unless absolutely necessary. It is a common entry point for unauthorized access.

Tips for Troubleshooting FileMaker Server

Reading Log Files

• The Stats log is your primary tool for understanding server health.
• Look for anomalies in cache hit percentage, cache unsaved percentage, and network latency.

Analyzing Server Stats

• Monitor performance regularly and make incremental changes to database cache settings.
• Use FileMaker’s built-in Stats Viewer to identify bottlenecks.

Optimizing Scripts for Performance

• Optimize scripts to reduce the load on the database engine.
• Use server-side scripts wherever possible to offload processing from clients.

Claris Cloud and FileMaker Hosting

Advantages of FileMaker Cloud

• Managed backups and updates.
• Built-in Claris ID for unified user management.
• Enhanced security features and compliance tools.

AWS Integration with FileMaker

• FileMaker Cloud is hosted on AWS, leveraging services like AWS Cognito for identity management.
• This provides access to multi-factor authentication and other advanced security features.

Claris ID and Compliance

• Claris ID integrates with AWS Cognito, offering built-in compliance with international standards like ISO 27001.

Q&A Highlights

Top Questions from the Community

• How does database cache size affect performance?
• What are the best practices for SSL certificate management?
• When should you use worker machines for WebDirect?

Answers from Wim and Jacob

• Keep cache hit percentage above 95%.
• Use Linux for new features and better stability.
• Consider worker machines when you have 5 or more WebDirect users.

Expert Recommendations

• Always test new versions on a development server before rolling them out to production.
• Monitor your server’s health using the Stats log.
• Focus on proper script design to improve performance.

Final Thoughts

FileMaker Server 2024 brings powerful new features that prioritize security and performance. Wim Decorte and Jacob Taylor’s insights provide a practical guide to getting the most out of this platform, from understanding database caching to setting up SSL certificates correctly. By following their advice and leveraging FileMaker’s built-in tools, you can create a stable, secure, and efficient server environment for your users.

Resources and Further Reading

• Claris Security Guide
• FileMaker Server Documentation
• Wim Decorte’s Blog on FileMaker Security
• RCC’s FileMaker Server Optimization Tips
• Claris Events Page

This concludes the detailed overview of the FileMaker 2024 Server Q&A with Wim Decorte and Jacob Taylor. Make sure to stay updated with the latest best practices and tips to maintain a secure and efficient FileMaker Server environment!