Hosting your files in the cloud offers many advantages, but it involves a minimum of security measures.

The following is not an exhaustive list of security measures you can take to keep your application secure. It is a set of measures to take before uploading a file to your server.

Other security measures such as encryption, OAuth authentication... are not mandatory to switch to However, they are all supported by our service.

The security dialog (File/Manage/Security)

  • [MANDATORY] disable [Guest] access.
  • [MANDATORY] make sure that all accounts with [Full Access] are password-protected (below FileMaker displays an account with Full Access that is not password-protected in red)
  • [RECOMMENDED] Protect all accounts with password protection (accounts with other privilege than [Full Access] not protected by password will not be displayed in red. Select an account to see on the right whether it is password protected or not.

  • MANDATORY] In Extended privileges, make sure that fmapp is enabled for Full Access privilege set, or you won’t be able to modify the file remotely. If you uploaded a file without fmapp extended privilege set, you will have to remove it from the admin console before you can upload a new one.
  • [RECOMMENDED] in privilege sets where users are allowed to change their passwords, ensure that the minimum length of passwords is sufficient (at least 8 characters)

  • [MANDATORY] in the last tab of the advanced settings, please check the box. Files created with FileMaker 18 and later are configured this way by default.

In the file options (File/File options)

  • [RECOMMENDED] disable default account ('Login using')
  • [MANDATORY] if you absoutely need to define a default account, this account cannot have the [Full Access] privilege.