[DBTech] DragonByte Security

[DBTech] DragonByte Security [Paid] 4.0.1

No permission to buy ($14.95)
Overview Updates (19) Reviews (2) History Discussion
DragonByte Tech said:
Can you please make sure you have deleted the /library/DBTech/Security/ folder then reuploaded that folder alone from the latest Beta version? You are using old code and it's likely that failure to complete that step is the reason.


Fillip
Click to expand...
Okay, I'm going to ask my friend owner to delete and re-upload again. When upgraded add-on and if there anything error or works fine, I will be back right here to tell you.
 
@DragonByte Tech
Hi again,

Just deleted folder /folder/library/DBTech/Security/ and re-upload latest version. A several days later then we got receive server error logs.
Error Info XenForo_Exception: No controller response from DBTech_Security_XenForo_ControllerPublic_Security::actionIndex - library/XenForo/FrontController.php:504
Generated By: Unknown, 30 minutes ago
Stack Trace #0 /home/unknown/site.com/library/XenForo/FrontController.php(377): XenForo_FrontController->_handleControllerResponse(NULL, 'DBTech_Security...', 'Index')
#1 /home/unknown/site.com/library/XenForo/FrontController.php(152): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#2 /home/unknown/site.com/index.php(13): XenForo_FrontController->run()
#3 {main}
Request State array(3) {
["url"] => string(46) "https://site.com/dbtech-security"
["_GET"] => array(2) {
["do"] => string(0) ""
["id"] => int(0)
}
["_POST"] => array(2) {
["do"] => string(0) ""
["id"] => int(0)
}
}
Click to expand...
 
Okay, I have a question that isn't clear to me after skimming through this thread.

The fingerprint feature, what exactly can be done with this? I'm interested in being able to find duplicate accounts with it.
 
doublespaces said:
Okay, I have a question that isn't clear to me after skimming through this thread.

The fingerprint feature, what exactly can be done with this? I'm interested in being able to find duplicate accounts with it.
Click to expand...
At the moment, I believe it's only used to detect new computers' access to staff accounts via the corresponding Watcher.


Fillip
 
Even if this was too resource intensive, you could break it down to a random thing or even if you are suspicious of a user being another user, you could compare them to find an association. Autonomous detection would be nice, but I suspect that would be resource heavy. Being able to run a background task that would build the fingerprints on a cron job, little by little, that would be one option. But at the very minimum, the ability to compare two users against each other if you actively suspect someone has created a new account and you know both account names.
 
DragonByte Tech updated [DBTech] DragonByte Security with a new update entry:

Resource Guidelines Update

What is happening?
On the 11th of July 2018, XenForo published their Resource Guidelines aimed at ensuring performance & stability of XenForo modifications. At the moment, this product does not meet these standards, due to the fact that this product has been engineered to allow the core code to run on both XenForo 1 and XenForo 2.

As a result, I am beginning work on re-engineering this product to become a "native"...
Click to expand...

Read the rest of this update entry...
 
Hello @DragonByte Tech ,

I have noticed server error logs has more than 500 has been logged. A hacker trying to show my real cPanel username, they can see my cPanel username and many error page there. So I've cleaned server error logs, but hacker keep tries to access many errors every day still show over 150x error.

ErrorException: preg_replace(): Compilation failed: invalid range in character class at offset 4 - src/addons/DBTech/Security/Application/Core.php:117
Generated By: Unknown Account, Today at 8:42 PM
Stack Trace
#0 [internal function]: XenForo_Application::handlePhpError(2, 'preg_replace():...', '/home/username...', 117, Array)
#1 /home/username/domain.net/src/addons/DBTech/Security/Application/Core.php(117): preg_replace('/[^\\w-_\\/]/i', '', 'sessions')
#2 /home/username/domain.net/library/DBTech/Security/XenForo/ControllerPublic/Security.php(30): DBTech\Security\Application\Core->runAction('sessions')
#3 /home/username/domain.net/library/XenForo/FrontController.php(369): DBTech_Security_XenForo_ControllerPublic_Security->actionIndex()
#4 /home/username/domain.net/library/XenForo/FrontController.php(152): XenForo_FrontController->dispatch(Object(XenForo_RouteMatch))
#5 /home/username/domain.net/index.php(13): XenForo_FrontController->run()
#6 {main}
Request State
array(3) {
["url"] => string(55) "https://domain.net/dbtech-security/sessions"
["_GET"] => array(2) {
["do"] => string(8) "sessions"
["id"] => int(0)
}
["_POST"] => array(2) {
["do"] => string(8) "sessions"
["id"] => int(0)
}
}
Click to expand...

There is possible to stop/prevent that show my cPanel username bypass and many errors from daily?
 
DragonByte Tech said:
Sorry I’m not sure I understand. Hotfixes do not change the version number.
Click to expand...
Hey, I've tried to config for a reset password to all users from http://domain.com/admin.php?dbtech-security/passwordreset entering to Rest All Passwords after just getting an error on PHP 7.3 and 7.2, 7.1 tested an issue here,
An exception occurred: Call to undefined method DBTech_Security_XenForo_Model_Security::generatePassword() in /home/username/domain.com/library/DBTech/Security/XenForo/Model/UserConfirmation.php on line 38

DBTech_Security_XenForo_Model_UserConfirmation->resetPassword() in /home/username/domain.com/src/addons/DBTech/Security/ActionAdmin/Passwordreset.php at line 132
DBTech\Security\ActionAdmin\Passwordreset->actionResetPasswords() in /home/username/domain.com/src/addons/DBTech/Security/Application/Core.php at line 173
DBTech\Security\Application\Core->runAction() in DBTech/Security/XenForo/ControllerAdmin/Security.php at line 31
DBTech_Security_XenForo_ControllerAdmin_Security->actionIndex() in XenForo/FrontController.php at line 369
XenForo_FrontController->dispatch() in XenForo/FrontController.php at line 152
XenForo_FrontController->run() in /home/username/domain.com/admin.php at line 13
Click to expand...
 
Looks like you're missing some files or the file contents is wrong, try re-downloading and re-uploading.

You should look into upgrading to XF2 as XF1 is soon to become end-of-life.
 
I don't know if it has been mentioned, but the security breach text should really be changed. It is like telling everyone my site's security has failed to the less knowledgeable.
 
You must log in or register to reply here.

Similar threads

DragonByte Tech
[DBTech] DragonByte Social Groups [Paid]
3 4 5
Replies
92
Views
5K
Chernabog
Chernabog
Painbaker
[OzzModz] Russian languge for [DBTech] DragonByte Security
Replies
2
Views
652
Ozzy47
Ozzy47
DragonByte Tech
[DBTech] DragonByte Security [Paid]
14 15 16
Replies
317
Views
20K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte User Upgrade Coupons [Paid]
2 3 4
Replies
69
Views
5K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte InfoPanels [Paid]
2
Replies
29
Views
2K
DragonByte Tech
DragonByte Tech
Top Bottom