[DBTech] DragonByte Security

[DBTech] DragonByte Security 4.5.5

No permission to buy ($24.95)
Update highlights

This version contains an update to support the new API for fetching the list of countries. You now require a (free) API key in order to fetch this data, added via the new setting.


Complete Change Log

Fix: Updated the Country API to account for changes in 3rd party services (now requires an API key)
Update highlights

This version resolves an issue when loading options on certain pages other than the main AdminCP settings page.


Complete Change Log

Fix: When viewing options from pages other than the "Settings" page, a server error could be generated
  • Like
Reactions: CoZmicShReddeR
Update highlights

This version changes the way sessions are handled in order to improve performance.

DB Security stores a copy of some session information in order to support the ability to disconnect sessions via the "Privacy & Security" settings, as well as some other features.

In prior versions, old DB Security sessions would be deleted any time a user started a new session. This was done in order to ensure that no-one could hijack a session or no-one could still be logged in with an expired session.
However, this doesn't scale well for large forums with a large amount of sessions. In this version, old DB Security sessions are now expired using a hourly cron job, and any code that previously looked for DB Security sessions has been updated to also check for expiry.

None of these changes affect the built-in XenForo session system.


Complete Change Log

Change: Expired sessions are now deleted via a Cron job instead of on session start
Update highlights

This version fixes a few bugs related to the Watcher system reported by the community.


Complete Change Log

Fix: Hide log entries that do not have a valid Watcher record
Fix: Watcher log entries were not removed after a watcher had been deleted
Fix: If no security watchers were set up, the cache could be rebuilt repeatedly when this was not needed
  • Like
Reactions: Nirjonadda
Update highlights

This version fixes a couple bugs reported by the community.


Complete Change Log

Fix: Fixed a race condition where the same fingerprint could be inserted twice, generating a server error
Fix: Fix a few server errors in the Watcher service
Update highlights

!!! THIS VERSION REQUIRES XENFORO 2.2.0 AND PHP 7.2.0 !!!

Coinciding with the release of XenForo 2.2.0, all XenForo 2.2 versions are now Gold 🎉 This is also the last version that will contain the XF 2.2 / PHP 7.2 warning in the release notes.


Complete Change Log

Fix: Fix typo in the "Reset password" watcher action
Update highlights

!!! THIS VERSION REQUIRES XENFORO 2.2.0 AND PHP 7.2.0 !!!

This version contains coding style updates and changes for XenForo 2.2.0 / PHP 7.2.0.

XenForo 2.2 features two new "Security lock" features that function slightly differently than the account locks already present in DragonByte Security. These two new features can now be used as Watcher actions where possible.

Furthermore, a couple bugs have been resolved.

This version is flagged as a Beta version, although it has been tested on a live site.


Complete Change Log

Feature: The two new "Security lock" features in XenForo 2.2 can now be used as Watcher actions where this makes sense
Fix: Fix TOR exit node handling
Fix: Handle a 404 response from HIBP
Update highlights

This is a quick update to fix a logged error stemming from incorrect handling of a 404 error when calling the Have I Been Pwned? API.

Did you know that there are actual email accounts out there that have never been a victim of a data breach? Neither did I. How long ago was this feature implemented, 1-2 years ago? Crazy.

PS: For those waiting for a XenForo 2.2 version, it's still in testing @ DBTech.


Complete Change Log

Fix: Handle a 404 response from HIBP
Update highlights

This version brings the return of the login session management feature from the XenForo 1.5 version. The previous session management version had some issues, namely in that deleted sessions would be re-generated if the other browser instance wasn't already being logged out.

With v4.4.0, deleting a login session will force the other session to end, as was always intended.


Complete Change Log

Feature: Login session management - Log out of other devices via your Password & Security page
Update highlights

This version fixes a few bugs reported by the community.


Complete Change Log

Fix: "The following sub-option(s) are unknown: includeWebGL" when saving settings
Fix: Fix regression from 4.3.3 affecting fingerprints
Top