Securing FileMaker Server

Florian Guilbert, FM Conférence 2018

Securing FileMaker Server – Best Practices

1. Hosting FileMaker Server: On-Premises vs. Data Centers
2. Virtual Private Servers (VPS) and Their Benefits
3. Essential Components for Hosting FileMaker Server
4. Managing Server Security with SSL Certificates
5. TLS Protocols and Cipher Suites: Ensuring Secure Communication
6. Strong User Authentication and Access Control
7. Protecting Data with Encrypted Container Fields
8. Server-Side Backups and Snapshot Management
9. Securing Server Ports
10. User Session Management and Limiting Access to Invited Users
11. Regular Security Audits and Monitoring
12. File Encryption and Restoring from Backups
13. The Path to a Secure FileMaker Server

1. Hosting FileMaker Server: On-Premises vs. Data Centers

When hosting a FileMaker Server, you must decide whether to host the server on-premises or in a data center. Both options have advantages and challenges that need to be carefully weighed.

On-Premises Hosting: Control vs. Responsibility

On-premises hosting provides full control over the server, allowing you to manage both the hardware and software. However, this also means you are responsible for every aspect of maintenance, from hardware failures to security updates.

Advantages of On-Premises Hosting:

• Full Control: You have complete control over the hardware, network configurations, and operating system.
• Low Latency: With local network access, latency is minimal, making it ideal for environments where speed is critical.
• Direct Access: Immediate physical access to the server can make troubleshooting more straightforward.

Disadvantages of On-Premises Hosting:

• Hardware Failures: When a disk fails or RAM malfunctions, you are responsible for replacing it.
• Security Risks: Physical access to the server increases the risk of unauthorized access, especially if not housed in a secure environment.
• High Maintenance Costs: Managing the server hardware, network equipment, and continuous monitoring of the server’s health can become costly and resource-intensive.

2. Virtual Private Servers (VPS) and Their Benefits

For organizations that prefer flexibility and scalability, Virtual Private Servers (VPS) are an excellent option. VPS allows you to rent a portion of a physical server in a data center, offering benefits like improved security, resource scaling, and lower cost compared to dedicated servers.

Key Advantages of VPS Hosting:

• Isolated Environment: Even though multiple VPS instances run on the same physical server, each instance operates in a completely isolated environment, enhancing security.
• Resource Flexibility: You can adjust server resources (RAM, CPU, storage) as needed. If your FileMaker solution grows, you can scale up without having to move to a new server.
• Snapshots for Backup: VPS solutions often allow you to create snapshots of your system, enabling quick recovery in case of a failure or an update issue.
• Failover Support: High-quality VPS providers have failover mechanisms in place, ensuring that if one physical component fails, your server instance remains unaffected.

3. Essential Components for Hosting FileMaker Server #tag3

Setting up FileMaker Server in a secure and efficient manner requires several key components:

• Dedicated Server: It is recommended to use a dedicated machine for hosting FileMaker Server. Running multiple services (such as file sharing or DNS servers) on the same machine increases security risks and performance issues.
• Operating System: FileMaker Server supports both macOS and Windows Server, though Windows is typically more commonly used in data centers due to its broader support for virtualization.
• SSL Certificate: Secure Socket Layer (SSL) certificates are critical for encrypting communication between clients and the server. This protects the integrity and confidentiality of the data transmitted.
• DNS and VPN: Proper DNS management ensures that your server is reachable by clients using friendly domain names. Adding a Virtual Private Network (VPN) helps secure remote connections to the server.

4. Managing Server Security with SSL Certificates #tag4

SSL certificates are a cornerstone of modern server security, encrypting data in transit between the client and server. When properly configured, SSL ensures that communication is not only encrypted but also authenticated.

Types of SSL Certificates:

• Domain Validation (DV): Verifies that you control the domain name associated with the server. Suitable for general use and websites without sensitive data exchanges.
• Organization Validation (OV): Provides additional verification by confirming the legitimacy of your organization. This type is often used for internal systems and websites requiring some level of trust.
• Extended Validation (EV): Offers the highest level of validation. EV certificates are typically used for e-commerce and financial services where high trust is required.

Why Self-Signed Certificates are Not Recommended:
Self-signed certificates are easier to create but should not be used for production environments. They do not provide any authentication, meaning that clients cannot be sure they are communicating with the intended server, opening up the risk of man-in-the-middle attacks.

Let’s Encrypt for FileMaker Server:
Let’s Encrypt offers free, automated SSL certificates that are suitable for smaller websites or non-sensitive environments. However, Let’s Encrypt certificates do not offer the same financial guarantees and support as paid certificates. If using Let’s Encrypt for FileMaker Server, be aware that their certificates must be renewed every three months, requiring regular attention to avoid expiration.

5. TLS Protocols and Cipher Suites: Ensuring Secure Communication #tag5

Transport Layer Security (TLS) is the successor to SSL and ensures secure communication between clients and FileMaker Server. The latest versions of TLS (1.2 and 1.3) should be used to protect against known vulnerabilities in older protocols like SSL 3.0 and TLS 1.0.

Cipher Suites:
Cipher suites are a combination of encryption algorithms that secure communications. FileMaker Server supports several cipher suites, and administrators should configure the server to use only secure, modern cipher suites. On Windows-based servers, you can fine-tune cipher suites using tools like IISCrypto, ensuring that only strong encryption algorithms are used.

Disabling Old Protocols:
It is crucial to disable outdated and vulnerable protocols such as SSL 2.0, SSL 3.0, and older versions of TLS. Allowing these protocols to remain active can leave your server vulnerable to attacks like POODLE (Padding Oracle On Downgraded Legacy Encryption) and BEAST (Browser Exploit Against SSL/TLS).

6. Strong User Authentication and Access Control #tag6

One of the most important aspects of FileMaker Server security is managing user authentication and controlling access. Implementing strong passwords, restricting access by roles, and using external authentication systems help protect the server from unauthorized access.

Password Policies:
Ensure that all users have strong, unique passwords. Avoid using default credentials such as admin/admin or admin/12345. FileMaker Server’s admin console should always be protected with a complex username and password combination.

External Authentication:
External authentication allows you to use systems like Active Directory, Google, or Microsoft Azure to manage user access. This helps centralize user management, ensuring that users authenticate with their existing credentials and that password policies are enforced across the organization.

7. Protecting Data with Encrypted Container Fields #tag7

FileMaker solutions often store files like images, documents, and PDFs in container fields. While convenient, this can also introduce security risks, especially if sensitive files are stored in these containers. FileMaker Server allows you to store container data externally and encrypt it for added protection.

Encrypted Storage:
With encrypted container fields, the stored data is broken into smaller encrypted pieces that only FileMaker Server can reconstruct. This ensures that even if someone gains access to the server’s file system, they cannot view the contents of the container without access to the FileMaker solution.

8. Server-Side Backups and Snapshot Management #tag8

Regular backups are essential for ensuring data integrity and availability in the event of hardware failures, software issues, or attacks like ransomware. FileMaker Server supports server-side backups, which allow administrators to schedule automatic backups of hosted databases.

VPS Snapshots:
For those using VPS hosting, creating regular snapshots of your server is an excellent way to ensure quick recovery in case of failure. Snapshots capture the state of the server, allowing you to revert to a previous configuration with minimal downtime.

9. Securing Server Ports #tag9

FileMaker Server requires several ports to be open for normal operation, such as:

• Port 5003: For FileMaker Pro client connections.
• Port 443: For secure HTTPS WebDirect connections.
• Port 16000: For Admin Console access.

Closing Unnecessary Ports:
To minimize the server’s exposure to attacks, close any unused ports. Only open the necessary ports for the services you need. For example, if WebDirect is not being used, close ports 80 and 443 to reduce the potential attack surface.

Using VPN for Remote Access:
When accessing the server remotely, always use a VPN to tunnel traffic securely. Avoid direct access through Remote Desktop or other remote management tools unless it’s secured through a VPN or similar technology.

10. User Session Management and Limiting Access to Invited Users #tag10

It’s important to manage who can access the server and under what conditions. FileMaker Server should never allow unauthenticated access, such as guest users or weakly authenticated connections.

Disable Guest Access:
Guest accounts pose a significant security risk, as they often provide access without proper authentication. Always disable guest access on FileMaker Server.

Limit Automatic Logins:
Avoid automatic login configurations where a default admin user is logged in without a password. Such practices allow anyone who gains access to the system to operate without restrictions.

11. Regular Security Audits and Monitoring #tag11

Security is an ongoing process, and regular audits are essential to maintaining a secure FileMaker Server environment. Monitoring tools like Wazuh can be integrated to detect unusual activities, such as unauthorized access attempts or suspicious script executions.

Proactive Monitoring:
Set up alerts for unusual activity, such as large data exports, high CPU usage, or attempts to access restricted areas of the system. By detecting these activities early, you can respond before a breach occurs.

12. File Encryption and Restoring from Backups

File encryption is a powerful tool for protecting your databases. FileMaker allows databases to be encrypted with AES-256 encryption, ensuring that even if someone gains physical access to the server, they cannot open the database without the encryption key.

Restoring Secure Backups:
When restoring a backup, it’s essential to restore not only the database but also any encrypted containers and associated storage directories. If container data is not restored properly, you may find that your database opens without access to the data within the container fields.

The Path to a Secure FileMaker Server

Securing your FileMaker Server involves a layered approach that combines infrastructure choices, proper configuration, user management, and regular maintenance. By implementing these best practices, you can significantly reduce the risk of data breaches, ensure compliance with security standards, and protect sensitive information. Whether hosting on-premises or in a data center, maintaining up-to-date software, enforcing strong authentication, and encrypting data are critical steps to creating a secure and reliable FileMaker environment.