On a shared server, I do not see a Use Case to ever justify giving a user access via RDP; however, it that changed it is possible to highly limit access on that account so that user could not access data files, launch apps outside of their Program Manager, etc. Example- At one stage the Windows version of vSphere was more powerful than the web interface, so we created special RDP that only allowed access to this one app.
As for the Server Admin Tool, Administrator Groups where designed to isolate clients. As long as permissions are set to,restrict access to the log (which would expose other user data), I have no issue with SAT access. FMI is disallowing use of this tool for 'bundled solutions', but 95% of this functionality can be created elsewhere.
FTP (and web) services are provided by IIS (on Windows) which supports multi-homing, so as long as each account is set up on a unique sub domain or domain, then all their files are isolated. It is possible to connect FMS to each site on a case by case basis. Quotas can also be enforced on a user by user basis to prevent one user from sucking up all the resources.
Generally, we have permitted users to upload files without checking them. In fact, we have made a point to not know file credentials. After hosting since 1998, I can't think of a specific issue where is has created a problem. I order to comply with FileMaker 'solution' requirements, we may be forced to check solutions. We have offered this as an option service based off of Beezwax Inspector.
On shared servers, in the past; we simply do not support server-side plug-ins as many have file functionality which runs as 'system user'. Rarely, do we even recieve questions about this policy.
As for users managing their own passwords- we have always permitted this. IF they set weak passwords, they risk their data, but it doesn't affect the users which have followed good practices. Furthermore, the support costs to add/ remove users each time any of our clients had a staff change would be sizable, and even in the best of cases would take more time than if a local developer had those rights.
there another thread labeled commercial hosting changes, but it keeps going off-topic; so I'm going to limit my responses- even though I have other thoughts. The reason I assume you are asking these questions is because of FileMaker's new requirements.
FileMaker has stated (in a FAQ) that providers are responsible for providing all the resources to host a solution. They also maintain that we should enforce good passwords and coding practices. I COULD NOT DISAGREE MORE....
If I throw a party and order 5 pizzas, the pizza boy would never be held responsible to make sure that everyone was full. His job was to provide what the client ordered. In the same way, a hosting provider should not have to 'inspect' every solution and estimate the performance needs- it is the client which has the choice in what they order, and the provider needs to provide that level of service.
we are all trying to figure out what plans we can and can not offer for FileMaker 15. I would enjoy collaboration on that topic, but that was not the topic of this thread.
Hi Joe and everybody else,
My point is that while most of the points I ask are close to no-go: Do not give the owner of the database/the user those openings. But I get the impression that a lot of hosting companies are letting people do nearly everything they want.
If you choose to host MySQL you will in most cases get your own instance, and would never ever be able to see into another person's database.
Prior to FileMaker 15 you could upload a file without password and the admin account with full access ... thus one customer who logged in with admin could see all other customers files. And log in to them ... if the one who created the file and uploaded it did not know a lot about FileMaker.
Therefore: If multi-customer-hosting-on-the-same-server-instance is to be permitted we need a very strict set of guidelines to follow. And ... here I am contradicting you ... the server administrator will have to be able to check that.
The alternative is one-isolated-server-for-each-customer and then they can get any access.
You should try to create a separate FileMaker 15 Windows 2012R2 based server at Amazon ... the first year is for free within some limits ... one of those for each hosted client could be the solution if FileMaker does not develop the administrator groups further to deliver a FileMaker hosting version, but I have not heard of that coming.
For more on Amazon: Have a look at the next post.
What are we doing short term
We will offer hosting following the guidelines given to us by FileMaker. Of course.
Option 1: VM on Windows
Therefore we have set up pretty well configured Windows 2012 R2 server with virtualisation. Here we can create one pretty powerfull instance fore each customer: But the price is expensive hardware (shared) and expensive Windows licences per customer (not shared).
Option 2: A server per customer
Therefore we have also purchased a number of mid-performance-configured-mac-minis. Each Mac mini will host one customer. The price of one full Mac mini with OS license is competitive compared to Windows Server licenses on a VM.
For each FileMaker 15 customer there will be one FMS license.
Option 3: Small solutions with few users
Those we can not support on FileMaker 15. We will have to set up a server for those running FileMaker Server 14. And it is for those we will have the tough decisions to make. How limited should the hosting customers options be?
Giving them full access to their own solution sound logical. But this will give them the ability to compromise security, and they are not Certified FileMaker Developers.
Long term we will look at the other options. Will Amazon be a good choice for our hosting customers, if so we will add that to our options. We are still analysing the price structure.
We are testing Amazon Windows VM's just now.
- Setting up the account will take you 10 minutes.
- Setting up each independent Windows 2012R2 server including web server will take you 20 minutes.
- Installing and configuring FileMaker Server will take you 20 minutes. Remember some backup service to another place!
Al together less than 1 hour for the first server and probably 30 minutes for each new server after that. And most of the time is just waiting. You can do something else during a lot of the time.
We are just doing this for testing purposes now. But will return with the results.
If the price structure is OK it could be a logical choice for some of our coming hosting customers. Depending on their data and the laws that apply.
Thanks for sharing these details Carsten Levin!
This blog post by davidhamannmedia is useful for people looking at AWS: https://www.davidhamannmedia.com/de/post-amazon-web-services-and-filemaker--setting-up-fms-on-ec2 - written before the public release of FileMaker Server 15.
One addition: Setting up the server at Amazon is a case of RTFM. Everything is very clear and well documented. But breaking the hole to allow access to WebDirect and FileMaker (5003) from the outside took the help from my good partner at Codeo, Bo Siggard. Amazon has added security, an extra FireWall function to the standard Windows 2012 that need to be opened as well.
But when done once it is a piece of cake.
Next issue: How to make a backup when I can not attach an extra physical HD. We are using services like backupbank.dk and others for offsite transfer of files.
This is a very good link!
It is not that I want this tread to be about Amazon only, it is just one diversion that can be relevant when trying to facilitate one-customer-one-server.
Interesting thread. Here's my question: Are you not concerned about hosting FMS through a service not familiar with FileMaker? We've had some bad experiences where server admins simply restart the box without regard for disconnecting users or closing databases. On occasion, this results in corrupted data. How do you handle that with a third-party hosting service?
We are pretty early in the process with Amazon, just testing with two servers so far.
You may call me naive, but I do not expect Amazon to shut down or restart the server without prior notice.
If I do not feel secure I may consider changing the settings to not start up the fms automatically after restart, thereby making sure that I know if the server has been restarted by somebody else.
I guess the problem would be more eminent with smaller hosting companies than Amazon?
But, I admit, we do not have this experience yet.
Just curious. Maybe someone else who’s been working this angle can chime in.
(Sorry to derail the thread.)
I have some experience with VPS and FileMaker, I've used iiNet, VPSBlocks, and Amazon for virtual server hosting.
I have never used "managed hosting" but in that case they can shut the server down on you as they do all the management like software updates etc.. If you completely self manage then they shouldn't shut it down unless you ask for an upgrade that they can't do on the fly, e.g. RAM and CPU upgrades or you ask for some (paid) support and they shut down on you.
My advice for virtual hosts is to read all the fine print and check the speeds of their drives. iiNet is a huge ISP here but when I used them (years ago) the 3 servers we were using had extremely slow drives.
1 of 1 people found this helpful
This is why we own, architect and manage all of our hardware ourselves. Using someone else's VMs as a hosting provider is a recipe for trouble, as you are ceding a huge amount of control over the quality of your service. As a result, our servers are faster and have higher availability than Amazon's offerings.
Just to expand on what I really mean by "read all the fine print". Look for what is not written. For example if drive speeds are not mentioned then they may be slow. If 'offsite' backups are not mentioned then they probably don't do them and in the case of a datacentre disaster (earthquake / flood) then you want to do your own offsites. If an uptime guarantee isn't mentioned then they may have some downtime.
Just FYI, here are some uptime stats. for some providers. It's probably more 'interesting' to look at rather than a useful resource. Service Status | CloudHarmony