[DBTech] DragonByte Security

[DBTech] DragonByte Security [Paid] 4.0.1

No permission to buy ($14.95)
Overview Updates (19) Reviews (2) History Discussion
Alfa1 said:
While I highly recommend this addon to other admins (for non-corporate use) I find it disappointing that there has been no feature release since February and not even maintenance releases.
Click to expand...
I find it highly disappointing that cloning technology hasn't yet gotten to the point where I can create one copy of myself for each of our products so that they can all receive my full attention, so I guess we're both out of luck :p

Alfa1 said:
Its great that you are working on XF2 releases, and that will be of much use when we upgrade our sites in 2019.
Click to expand...
I'm glad your site isn't the only XF site on the internet then, or I would have wasted my time working on all these XF2 updates :)

Alfa1 said:
I do hope that you will consider to update this product for XF1. Your last line seems to indicate this and I am hoping that I am understanding this correctly.
Click to expand...
Any future updates to the XF2 version will be accompanied by an update to the XF1 and vB versions, as they are all running the same code base so only platform-specific integrations and templates will differ.

That being said, please do be aware that just because I finish the initial batch of XF2 releases does not mean I will have all the time in the world to redesign the systems of this mod to meet your exact needs and specifications. Not only are new mods needed to sustain the business (simply maintaining existing mods would see us go out of business), but contract work also takes priority over free updates.

I am aware that you have usability issues with this mod. I am also aware that you have been burned by 3rd party developers in regards to custom work in the past. Even taking both of those points into consideration, I cannot justify prioritising providing you with free updates to this mod over paid contract work.

If you need the usability issues corrected yesterday, I would need to ask you to consider submitting a custom work request @ our site with a complete list of changes you require, with as much detail as possible. If that is not an option for you, then I can only apologise for needing to delay providing the updates to this mod.

Floyd R Turbo said:
IP banning I think needs to be combined with type in order to work. You can't ban cellular-based IP addresses in the US. You will get false positives all over the board. For the same reason, you can't use a User Map addon that uses IP addresses for locations in the US. It doesn't work.
Click to expand...
Unfortunately I am not aware of any method of detecting whether an IP address is a residential, commercial or cellular IP address, sorry :(


Fillip
 
Shouldn't you start a separate addon for XF2 version? People are going to want the XF1 version for a while I would think...Or does this work with both, i.e. it "knows" which XF you're running?
 
Floyd R Turbo said:
Shouldn't you start a separate addon for XF2 version?
Click to expand...
There is a separate add-on in the Resource Manager as well :)

Floyd R Turbo said:
People are going to want the XF1 version for a while I would think...Or does this work with both, i.e. it "knows" which XF you're running?
Click to expand...
Correct. The core code will run on both, and the download supplies both XF1 specific code and XF2 specific code (such as event listeners, etc).

It's not the most elegant solution in the world, since it does mean people who only want the XF2 version still have the files for the XF1 version on their site, but for now it's the best solution that doesn't involve me having to bodge anything in our eCommerce software, while still giving people free updates :)

For the future, when I write an XF2-compatible eCommerce suite, I can look into adding "choose your version" functionality so XF1 users only get XF1 files, and vice versa :)


Fillip
 
I'm getting the following error from this add-on while people try and use 2FA:
Code: 
Zend_Db_Statement_Mysqli_Exception: Mysqli prepare error: Unknown column 'user_agent' in 'field list' - library/Zend/Db/Statement/Mysqli.php:77
 
Jayson said:
I'm getting the following error from this add-on while people try and use 2FA:
Code: 
Zend_Db_Statement_Mysqli_Exception: Mysqli prepare error: Unknown column 'user_agent' in 'field list' - library/Zend/Db/Statement/Mysqli.php:77
Click to expand...
Can you please post the full error & stack trace?


Fillip
 
DragonByte Tech said:
Can you please post the full error & stack trace?


Fillip
Click to expand...
Code: 
#0 /var/www/mctrades/library/Zend/Db/Statement.php(115): Zend_Db_Statement_Mysqli->_prepare('\n\t\t\tUPDATE xf_u...')
#1 /var/www/mctrades/library/Zend/Db/Adapter/Mysqli.php(381): Zend_Db_Statement->__construct(Object(Zend_Db_Adapter_Mysqli), '\n\t\t\tUPDATE xf_u...')
#2 /var/www/mctrades/library/Zend/Db/Adapter/Abstract.php(478): Zend_Db_Adapter_Mysqli->prepare('\n\t\t\tUPDATE xf_u...')
#3 /var/www/mctrades/library/DBTech/Security/XenForo/Model/Tfa.php(13): Zend_Db_Adapter_Abstract->query('\n\t\t\tUPDATE xf_u...', Array)
#4 /var/www/mctrades/library/XenForo/ControllerHelper/Login.php(165): DBTech_Security_XenForo_Model_Tfa->createTrustedKey(873)
#5 /var/www/mctrades/library/DBTech/Security/XenForo/ControllerHelper/Login.php(8): XenForo_ControllerHelper_Login->setDeviceTrusted(873)
#6 /var/www/mctrades/library/XenForo/ControllerPublic/Login.php(187): DBTech_Security_XenForo_ControllerHelper_Login->setDeviceTrusted(873)
#7 /var/www/mctrades/library/LoginSecurity/XenForo/ControllerPublic/Login.php(50): XenForo_ControllerPublic_Login->actionTwoStep()
#8 /var/www/mctrades/library/XenForo/FrontController.php(351): LoginSecurity_XenForo_ControllerPublic_Login->actionTwoStep()
#9 /var/www/mctrades/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#10 /var/www/mctrades/index.php(12): XenForo_FrontController->run()
#11 {main}
Code: 
array(3) {
  ["url"] => string(35) "https://mctrades.org/login/two-step"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(11) {
    ["code"] => string(6) "-REDACTED-"
    ["trust"] => string(1) "1"
    ["provider"] => string(5) "email"
    ["_xfConfirm"] => string(1) "1"
    ["_xfToken"] => string(8) "********"
    ["remember"] => string(1) "1"
    ["redirect"] => string(21) "https://mctrades.org/"
    ["save"] => string(7) "Confirm"
    ["_xfRequestUri"] => string(65) "/login/two-step?redirect=https%3A%2F%2Fmctrades.org%2F&remember=1"
    ["_xfNoRedirect"] => string(1) "1"
    ["_xfResponseType"] => string(4) "json"
  }
}
 
Jayson said:
Code: 
#0 /var/www/mctrades/library/Zend/Db/Statement.php(115): Zend_Db_Statement_Mysqli->_prepare('\n\t\t\tUPDATE xf_u...')
#1 /var/www/mctrades/library/Zend/Db/Adapter/Mysqli.php(381): Zend_Db_Statement->__construct(Object(Zend_Db_Adapter_Mysqli), '\n\t\t\tUPDATE xf_u...')
#2 /var/www/mctrades/library/Zend/Db/Adapter/Abstract.php(478): Zend_Db_Adapter_Mysqli->prepare('\n\t\t\tUPDATE xf_u...')
#3 /var/www/mctrades/library/DBTech/Security/XenForo/Model/Tfa.php(13): Zend_Db_Adapter_Abstract->query('\n\t\t\tUPDATE xf_u...', Array)
#4 /var/www/mctrades/library/XenForo/ControllerHelper/Login.php(165): DBTech_Security_XenForo_Model_Tfa->createTrustedKey(873)
#5 /var/www/mctrades/library/DBTech/Security/XenForo/ControllerHelper/Login.php(8): XenForo_ControllerHelper_Login->setDeviceTrusted(873)
#6 /var/www/mctrades/library/XenForo/ControllerPublic/Login.php(187): DBTech_Security_XenForo_ControllerHelper_Login->setDeviceTrusted(873)
#7 /var/www/mctrades/library/LoginSecurity/XenForo/ControllerPublic/Login.php(50): XenForo_ControllerPublic_Login->actionTwoStep()
#8 /var/www/mctrades/library/XenForo/FrontController.php(351): LoginSecurity_XenForo_ControllerPublic_Login->actionTwoStep()
#9 /var/www/mctrades/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#10 /var/www/mctrades/index.php(12): XenForo_FrontController->run()
#11 {main}
Code: 
array(3) {
  ["url"] => string(35) "https://mctrades.org/login/two-step"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(11) {
    ["code"] => string(6) "-REDACTED-"
    ["trust"] => string(1) "1"
    ["provider"] => string(5) "email"
    ["_xfConfirm"] => string(1) "1"
    ["_xfToken"] => string(8) "********"
    ["remember"] => string(1) "1"
    ["redirect"] => string(21) "https://mctrades.org/"
    ["save"] => string(7) "Confirm"
    ["_xfRequestUri"] => string(65) "/login/two-step?redirect=https%3A%2F%2Fmctrades.org%2F&remember=1"
    ["_xfNoRedirect"] => string(1) "1"
    ["_xfResponseType"] => string(4) "json"
  }
}
Click to expand...
That appears to be an issue with a clean install, if you run this query:
Code: 
            ALTER TABLE `xf_user_tfa_trusted`
                ADD `user_agent` varchar(255) NOT NULL DEFAULT ''
That should resolve the issue :)

Thanks!


Fillip
 
Suggestion:
For security alerts sent to the admin by email, include a direct link to the relevant information OR include it in the email.
For example if the email informs the admin of a potentially compromised account, then include a list of login attempts. It will be become evident to the admin if it concerns a legitimate user or a real breach. A legitimate user will attempt to log into variations of the same name, while a hacker will try to log into very different accounts.
 
This started popping up for some reason: v4.0.0 Beta 3

Code: 
XenForo_Exception: No controller response from DBTech_Security_XenForo_ControllerPublic_Security::actionLock - library/XenForo/FrontController.php:486
Generated By: Lexus55, Yesterday at 10:12 PM

Stack Trace
#0 /home/nginx/domains/domain.com/public/library/XenForo/FrontController.php(359): XenForo_FrontController->_handleControllerResponse(NULL, 'DBTech_Security...', 'Lock')
#1 /home/nginx/domains/domain.com/public/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#2 /home/nginx/domains/domain.com/public/index.php(13): XenForo_FrontController->run()
#3 {main}

Request State
array(3) {
["url"] => string(48) "https://domain.com/dbtech-security/lock"
["_GET"] => array(4) {
["/dbtech-security/lock"] => string(0) ""
["do"] => string(4) "lock"
["action"] => string(5) "index"
["id"] => int(0)
}
["_POST"] => array(0) {
}
Code: 
Error Info ErrorException: Undefined index: do - library/DBTech/Security/XenForo/ControllerPublic/Security.php:65
Generated By: Unknown Account, Yesterday at 11:22 PM

Stack Trace
#0 /home/nginx/domains/domain.com/public/library/DBTech/Security/XenForo/ControllerPublic/Security.php(65): XenForo_Application::handlePhpError(8, 'Undefined index...', '/home/nginx/dom...', 65, Array)
#1 /home/nginx/domains/domain.com/public/library/XenForo/FrontController.php(351): DBTech_Security_XenForo_ControllerPublic_Security->actionLock()
#2 /home/nginx/domains/domain.com/public/library/XenForo/FrontController.php(134): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#3 /home/nginx/domains/domain.com/public/index.php(13): XenForo_FrontController->run()
#4 {main}

Request State
array(3) {
["url"] => string(100) "https://domain.com/dbtech-security/lock?action=unlock&hash=c6ec23954f37c2cfd37fccc19c65eeb1"
["_GET"] => array(5) {
["/dbtech-security/lock"] => string(0) ""
["action"] => string(6) "unlock"
["hash"] => string(32) "c6ec23954f37c2cfd37fccc19c65eeb1"
["do"] => string(4) "lock"
["id"] => int(0)
}
["_POST"] => array(0) {
}
}

Watching this, 697 events recorded in the past 12 hours.
 
It has been many months since version 4 was released as a beta. Unfortunately its still in beta and the issues I reported last year are included in version 4 only. Could you release a Gold version please so that I can upgrade my big board? I don't feel comfortable installing the beta.
 
Alfa1 said:
It has been many months since version 4 was released as a beta. Unfortunately its still in beta and the issues I reported last year are included in version 4 only. Could you release a Gold version please so that I can upgrade my big board? I don't feel comfortable installing the beta.
Click to expand...
I'm not entirely sure I understand. If I release a new version and call it "4.0.0 Gold", that does not change the stability of the product vs. if I call it "4.0.0 Beta 4".

Can you please explain to me the logic behind your query?

That aside, I do have another beta version I've been sitting on for about a week now, I'll get it released.


Fillip
 
You must log in or register to reply here.

Similar threads

DragonByte Tech
[DBTech] DragonByte Social Groups [Paid]
3 4 5
Replies
92
Views
6K
Chernabog
Chernabog
Painbaker
[OzzModz] Russian languge for [DBTech] DragonByte Security
Replies
2
Views
652
Ozzy47
Ozzy47
DragonByte Tech
[DBTech] DragonByte Security [Paid]
14 15 16
Replies
317
Views
20K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte User Upgrade Coupons [Paid]
2 3 4
Replies
69
Views
5K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte InfoPanels [Paid]
2
Replies
29
Views
2K
DragonByte Tech
DragonByte Tech
Top Bottom