[DBTech] DragonByte Security 5.1.0.1

Update highlights

This version is an "emergency" update to address the closure of the existing HaveIBeenPwned integration, which powers the "Account breach checker" feature.

v3 of their API requires authentication, and a monthly payment to continue using it. Please see the blog entry on the creator's website for more information: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/

It is not possible to continue using the existing API found in v4.2.6 or earlier. If you are unable or unwilling to update to this version, please disable the account breach checker to prevent further problems.


Complete Change Log

Change: Updated HaveIBeenPwned integration (account breach checker) to use v3 of their API

Update highlights

This version makes changes to the way API lookups are handled in order to protect against invalid responses from APIs such as HaveIBeenPwned.

The new privacy-focused API calls made the response data more susceptible to invalid data being parsed, but hopefully these changes should resolve that permanently.


Complete Change Log

Change: Add protection from invalid responses from various API lookups
Fix: Fixed an issue where invalid responses from HaveIBeenPwned would cause a server error

Update highlights

This version contains a follow-up to the changes in the previous version, where an empty response from certain requests could produce a server error.


Complete Change Log

Fix: Ensure we don't attempt to json_decode on an empty body

Update highlights

This version improves compatibility with core XenForo features by supporting the "HTTP Proxy" feature in XenForo. This feature is used by certain sites that may be the target of harassment / DDoS attacks, to mask the true IP of the server.

When making calls to 3rd party websites, such as MaxMind to download the latest GeoIP database, those HTTP calls would expose the true IP of the server.

For this reason, the HTTP calls in this product have been updated to support the HTTP proxy. Going forward, all DBTech products that make calls to 3rd party APIs will support the HTTP Proxy feature where possible.

Furthermore, the old low-resolution images used in the password rules display have been replaced with FontAwesome icons.

Lastly, a server error when doing a mass password reset has been resolved.


Complete Change Log

Change: Changed the way API calls are made, in order to support the HTTP Proxy feature in XenForo
Change: Use FontAwesome for the password rule indicators instead of images
Fix: Fix a server error when doing mass password reset

Update highlights

This update fixes bugs reported by the community.


Complete Change Log

Fix: The link to IP address info in the IP Address Search results now works as intended
Fix: Fix a bug in the Bad Behavior script
Fix: Fix for a possible duplicate entry in the fingerprint log

Update highlights

This update changes the way the "Country Blocks" feature works internally.

Prior to this update, IP addresses were updated and saved to the ban log when you made changes to the "Country Blocks" page without any kind of background processing. This meant that if you were trying to block either a large number of countries, or a country with a large IP block such as China or the United States, the page could time out.

In this update, the IP addresses are updated and blocked in the background when you save the page, reducing the risk of timeout errors.


Complete Change Log

Change: Country blocks are now saved / updated in the background

Update highlights

This is a minor bug fix release that fixes an issue where the password rules would break the layout of the password box in the user control panel as well as on the registration page.


Complete Change Log

Fix: Fixed an issue where the password rules would break the password box layout

Update highlights

This release features back-end only changes, making required changes to support XenForo 2.1.

In addition, an issue with a template modification being incorrectly applied in the Admin panel, causing a server error during an upgrade of this product, has been fixed. It is safe to ignore that error, this upgrade is the last time it'll appear (hopefully!)


Complete Change Log

Change: Updated various HTTP requests to match the changes in XF 2.1
Fix: Fixed an issue where a template modification would display a server error during an upgrade of this addon. It is safe to ignore that error.

Update highlights

After a lengthy Beta period, this product has gone Gold

This version contains no changes from the previous version. Future updates will require XenForo 2.1.

This version does not work on XenForo 2.1. Please do not upgrade to XenForo 2.1 until a 2.1 compatible version has been released.

To see the full details on the v4.1.0 release, click here: https://www.dragonbyte-tech.com/store/dragonbyte-security.345/release/1751/


Complete Change Log

No changes.

Because of a backwards breaking change in XenForo 2.1, and because I plan to take advantage of new features only available in XenForo 2.1, the next version will require XenForo 2.1.

The current version will NOT work with XenForo 2.1. A blocking issue has been identified with XenForo 2.1:

• Certain Cron jobs will not work due to a change in the back-end code that powers XenForo (A.K.A. "The Guzzle Change")

The issue has been fixed in an internal build that will be released A.S.A.P., once I am confident enough there are no other blocking issues.

In the meantime, I will release a "Gold" version of the current beta or RC version. This "Gold" version should work fine with XenForo 2.1. There are no known blocking issues with the planned "Gold" version of this mod preventing it from running on XenForo 2.1.