Jacob Taylor, April 18, 2024, FileMaker Training Videos
Menu
- Introduction
- Pre-Emergency Setup: Building a Resilient Backup Strategy
- Immediate Actions After a Crash
- Restoring from Backup: Key Steps
- Post-Restoration Checks
- Proactive Configuration for Future Protection
- Handling Complex Scenarios: What If Backups Fail?
- Conclusion: Best Practices for FileMaker Server Emergency Response
- Check List
- Video
Introduction
FileMaker Server is a critical tool for managing databases, but like all server systems, it is vulnerable to crashes, hardware failures, and software issues. To avoid operational disruptions, it’s vital to have a well-planned emergency restoration strategy in place. This detailed blog post will guide you through every step you need to take to secure your server, handle crashes, and recover efficiently without data loss.
Why It Matters:
- Data Integrity: A well-executed recovery process ensures that data remains intact and accessible.
- Business Continuity: Quick, reliable restoration minimizes downtime, preventing operational delays and financial losses.
- Proactive Measures: Preparing for an emergency in advance significantly reduces the impact when a crash occurs.
By the end of this post, you’ll know exactly what steps to take before, during, and after an emergency to ensure that your FileMaker Server is secure and recoverable.
Pre-Emergency Setup: Building a Resilient Backup Strategy
One of the most important steps in any emergency restoration process is ensuring that you have a solid backup strategy in place. Backups are the lifeline for recovery, and without them, data loss is inevitable.
Backup Frequency and Scheduling
- Hourly Backups: Set up backups to occur hourly. This minimizes data loss to a maximum of one hour, ensuring that any lost work is recoverable.
- Best Practice: If your system processes critical data throughout the day, consider more frequent backups (e.g., every 15-30 minutes).
- Custom Scheduling: If your database operates 24/7, stagger backups to avoid performance lags. For example, schedule some backups at 15 minutes past the hour and others at 45 minutes.
- Different Backup Locations: Never rely on a single backup location. Utilize:
- Primary Local Disk: The first line of defense should be a local backup stored on the same server.
- Secondary Local or Network Attached Storage (NAS): Store a second backup on a different internal drive or NAS.
- Remote/Cloud Storage: Use cloud services like Amazon S3 to store backups in a secure, off-site location.
- Redundant Off-Site Backups: Maintain copies of critical data in geographically separate data centers to protect against natural disasters, fires, and theft.
Testing Backup Integrity
It’s not enough to simply create backups; you need to ensure they are viable. Regularly test backup integrity by restoring data to a test environment.
- Weekly Test Restorations: Perform restoration tests every week to ensure your backups are working as expected.
- Audit Logs: Maintain a log of backup tests, noting the time taken and any issues encountered.
- Differentiating Backups: Label each backup (e.g., hourly, daily, weekly, monthly) and ensure you’re not overwriting important data from long-term backups.
Ransomware Protection
Ransomware attacks have become more frequent, targeting backups as a first step. Here’s how you can protect your FileMaker backups from ransomware:
- Off-Site Backups with Immutable Settings: Use Amazon S3’s ransomware protection. This prevents any deletions or alterations of backups for a set period (e.g., 30 days), ensuring that even if an attack occurs, your backups remain intact.
- Network Segmentation: Avoid keeping backups on the same network or server that is used for your daily operations. Isolate the backup server to protect it from ransomware.
- Data Encryption: Always use Encryption at Rest (EAR) and Encryption in Transit for backups. This ensures that even if the backups are compromised, the data within them cannot be easily accessed.
Immediate Actions After a Crash
When a crash occurs, immediate action is required to prevent further data corruption and restore service quickly. Follow these steps to minimize damage and recover efficiently.
Confirm the Outage
Before taking any drastic steps, confirm that the issue is indeed a server crash:
- Ping the Server: Use a ping command or network diagnostic tool to check if the server is still responding.
- Ping Results: A successful ping response indicates that the hardware and operating system are still functional, and the problem might be within the FileMaker Server application itself.
- No Ping Response: Indicates a total system failure, possibly due to hardware or power issues.
Review the Admin Console
- Access the Admin Console: If the server is accessible, log into the FileMaker Admin Console.
- Check the Status: Are the databases still running, or have they been closed automatically? Closed databases are a good sign, as the system has likely preserved their integrity.
- Review the Logs: Look through the server logs to identify the time of the crash, any unusual activity, and any related errors.
Avoid Using Crashed Files
- Never Reuse Crashed Files: If the crash occurred while the database was open, never attempt to reopen it directly. Using a corrupted or partially written file can lead to cumulative damage.
- Manually Close the Files: If the files are still shown as open, manually close them from the Admin Console or using a CLI command to ensure they are properly shut down before restoration.
Restoring from Backup: Key Steps
Once you’ve confirmed the server crash and avoided using crashed files, the next step is to restore from the most recent, unaffected backup.
Identify the Last Good Backup
- Examine Server Logs: Review the logs to identify when the last successful backup occurred. Look for a “Completed Successfully” log entry close to the time of the crash.
- Backup Validation: Ensure that the backup you’re restoring is complete and contains no errors. If the server crashed during the backup process, that backup may be corrupted.
Copy the Backup Files
- Manual Copying: On macOS and Linux systems, avoid dragging and dropping files, as this can interfere with hard linking. Always use copy and paste or the appropriate CLI commands to ensure file integrity.
- Hard Linking Explained: Hard links allow FileMaker Server to efficiently reference unchanged files between multiple backups. If you drag and drop files incorrectly, you risk breaking these links, resulting in incomplete backups.
- Permission Checks: After copying the backup files, ensure they maintain the correct file permissions, particularly on Windows systems with Active Directory settings.
Restore the Backup
- Move the Backup Files: Place the copied backup files in the designated FileMaker directory, ensuring they overwrite the crashed files.
- Server Reboot: Restart the server to ensure all FileMaker processes start fresh, with the newly restored files. Avoid reusing open files from the crash.
Post-Restoration Checks
After restoring the server, it’s essential to verify that everything is functioning properly before allowing users back into the system.
- Open the Databases: Use the Admin Console to reopen the databases. Ensure that all files open without errors and are accessible to users.
- Monitor Logs: Keep an eye on the server logs for any new errors or warnings after the restoration. These can provide insight into lingering issues that need to be addressed.
- SSL Certificate Check: On macOS servers, crashes can sometimes corrupt SSL certificates. If users encounter security warnings or are unable to connect, verify that the SSL certificate is still valid, and re-import if necessary.
Proactive Configuration for Future Protection
To prevent future incidents from escalating into major disruptions, implement these proactive measures.
Disable Auto-Open of Files After a Crash
- Auto-Open Setting: In the FileMaker Server Admin Console, ensure that the setting to automatically reopen files after a crash is disabled.
- Why It Matters: If the files were not properly closed before the crash, reopening them automatically can cause further corruption. Disabling auto-open gives you time to assess the situation before any files are opened.
Conduct Regular Server Audits
- Health Checks: Schedule regular health checks for your FileMaker Server to monitor performance, backups, and overall system stability.
- Audit Backup Policies: Review backup policies regularly to ensure they are being followed and that backups are being stored in secure, separate locations.
- Test Restoration Processes: Simulate server crashes and test the restoration process at least once a month to ensure your team is familiar with the procedures.
Handling Complex Scenarios: What If Backups Fail?
Sometimes, even with the best preparations, things can go wrong. Here’s how to handle the most complex scenarios.
Scenario: No Good Backup Available
If all available backups are corrupted or unusable:
- Contact Claris Support: In severe cases, where backups are unusable, reach out to Claris FileMaker support. They may be able to manually repair the database.
- File Recovery Tools: In some cases, using third-party file recovery tools or database repair software can help recover portions of the data. However, always consult an expert before attempting this.
Scenario: SSL Certificate Failure on macOS
If your SSL certificate fails after a crash:
- Navigate to SSL Storage: On macOS, go to
/Library/FileMaker Server/SE Store/and delete the existing SSL files. - Re-Import SSL Certificate: Use the Admin Console to re-import the SSL certificate and restart the server.
Conclusion: Best Practices for FileMaker Server Emergency Response
By following these detailed steps and maintaining a proactive approach, you can ensure that your FileMaker Server is prepared to handle any emergency. Remember:
- Backups are Essential: Ensure that your backups are frequent, stored in multiple locations, and regularly tested.
- Never Use Crashed Files: Always restore from the last known good backup to prevent further data corruption.
- Keep Your Server Updated: Stay current with FileMaker Server software updates to minimize security risks and system bugs.
By planning ahead and having a clear restoration plan, you can ensure that your FileMaker Server environment remains secure, reliable, and resilient in the face of unexpected disruptions.
Check List
Emergency Restoration Considerations for FileMaker Server:
| Checklist Step | Description | Action Required | Comments/Additional Notes |
|---|---|---|---|
| Pre-Emergency Setup: Building a Resilient Backup Strategy | |||
| Backup Frequency and Scheduling | Set up automated backups at appropriate intervals (hourly/daily/weekly/monthly). | Configure FileMaker Server to perform hourly backups. | Stagger backup times to avoid system performance bottlenecks. |
| Off-site and Cloud Backups | Store backups in off-site or cloud locations for redundancy. | Use Amazon S3, Google Cloud, or another service to maintain off-site backups. | Use immutable settings to protect against ransomware. |
| Redundant Local Backups | Maintain backups on different drives or NAS devices. | Configure a secondary backup location on a separate drive. | Never store backups on the same drive as your live files. |
| Testing Backup Integrity | Regularly verify the integrity of backups through test restorations. | Perform weekly test restorations to verify backup integrity. | Ensure you test various backup types (daily, weekly, monthly). |
| Immediate Actions After a Crash | |||
| Confirm Server Outage | Verify that the FileMaker server is truly down before proceeding. | Ping the server to check for connectivity and responsiveness. | If the server responds, the issue may be within the FileMaker processes, not the hardware. |
| Access the Admin Console | Attempt to log into the FileMaker Admin Console. | Check if databases are still running or closed. Review server logs for recent errors or warnings. | If the Admin Console is inaccessible, proceed with manual recovery. |
| Manual Close of Files | If databases are still open after the crash, close them manually. | Use the Admin Console or CLI to safely close any remaining open files. | This ensures files are properly closed, reducing the chance of further corruption. |
| Review the Server Logs | Look for entries in the log to identify the time and cause of the crash. | Examine logs for anomalies or indicators of hardware/software failure. | Look for incomplete backup logs or any messages indicating file corruption. |
| Restoring from Backup | |||
| Identify the Last Good Backup | Determine which backup to use by reviewing logs or file modification timestamps. | Locate the most recent successful backup from logs. | If the server crashed during a backup, that backup is likely corrupt. Use an earlier one. |
| Avoid Hard Linking Errors | Copy and paste files instead of dragging and dropping them to avoid hard-linking issues. | Use copy/paste or CLI commands to move backups into the appropriate location. | Ensure correct file permissions after copying. |
| Verify Backup Permissions | Ensure the backup files have the correct permissions after being copied to the server. | Check that the restored files are accessible to the FileMaker Server. | On Windows systems with Active Directory, ensure permissions are transferred correctly. |
| Reboot the Server | Restart the server to ensure all FileMaker processes start fresh with restored files. | Perform a complete server reboot after restoring the files. | A reboot ensures that no residual processes or services from the crash are running. |
| Post-Restoration Checks | |||
| Open Databases Safely | Reopen databases in the Admin Console and check for errors. | Open databases individually and check for error messages. | Review server logs for any warnings or issues during the database open process. |
| Check User Access | Ensure that all users can access the database after the restoration. | Test connections from FileMaker clients and ensure no issues with access control. | Make sure SSL certificates (if used) are functioning properly to prevent connection errors. |
| Review Logs for New Errors | Monitor the server logs post-restoration to catch any lingering issues. | Review the logs periodically for any new warnings or errors. | Keep monitoring for 24-48 hours to ensure everything is running smoothly. |
| Proactive Configuration for Future Protection | |||
| Disable Auto-Open After Crash | Disable the auto-open feature to prevent damaged files from automatically reopening after a crash. | Navigate to the Admin Console > Configuration > General Settings > Auto-Open Files and disable this setting. | Prevents further corruption by stopping automatic reopening of files that were not properly closed before the crash. |
| Schedule Regular Server Audits | Perform regular audits to review server health, backup integrity, and performance. | Schedule monthly server audits to ensure proper functionality and prevent future issues. | Include performance benchmarking and hardware checks as part of the audit process. |
| Test Backup Restoration Procedures | Regularly test restoration procedures to ensure team readiness during an emergency. | Schedule test restorations every month. | Involve all team members responsible for the server in test scenarios to ensure everyone is prepared. |
| Handling Complex Scenarios | |||
| No Good Backup Available | If no good backup is available, contact Claris for possible recovery assistance. | Reach out to Claris FileMaker support for engineering-level recovery. | Third-party tools may also help, but consult experts before attempting. |
| SSL Certificate Failure (macOS) | If the SSL certificate fails post-crash, delete the old SSL files and re-import them. | Navigate to /Library/FileMaker Server/SE Store/ and remove the existing SSL files, then re-import the certificate. | macOS-specific issue, commonly caused by power failures or improper shutdowns. |
| Restore Multiple Servers (High Availability) | If running a multi-server or high-availability setup, ensure that all servers are restored in sync. | Ensure that all mirrored or clustered servers are restored from the same backup version. | Use synchronization tools like MirrorSync to keep all servers in sync during restoration. |
| Ongoing Backup Monitoring and Security | |||
| Set Immutable Backup Settings (Ransomware Protection) | Ensure backups in cloud storage are protected from ransomware by setting immutability periods. | Configure Amazon S3 or other services to block deletion of backups for at least 30 days. | Ransomware often targets backups first, so immutability ensures they remain intact even if your primary system is compromised. |
| Monitor Backup Logs | Regularly review backup logs to ensure backups are running as scheduled and completing successfully. | Set up automatic email alerts for any backup errors or missed backup schedules. | Ensure the team is notified immediately of any backup failures, and address the issue before the next backup cycle. |
Additional Notes:
- Frequency of Checks: Critical systems should be checked more frequently. Systems that handle sensitive data should have multiple layers of backup, tested daily if necessary.
- Permissions on Windows Servers: Ensure that Active Directory permissions are correctly applied when restoring backups. FileMaker databases require specific access levels to function correctly on Windows servers.
- Restoration Testing: Ensure restoration tests are done in a non-production environment to avoid disrupting live operations.
This checklist covers all necessary steps to ensure the safe restoration and ongoing protection of your FileMaker Server.
