[DBTech] DragonByte Security

[DBTech] DragonByte Security [Paid] 4.0.1

No permission to buy ($14.95)
Overview Updates (19) Reviews (2) History Discussion
Update: I see the issue, I added it to show in debug mode only while developing the product and forgot to remove that flag. I've updated the product XML file :)


Fillip
 
Glad to hear it :)

Just a quick note in general, to everyone, about that system; it was sponsored by another customer and as a result I'm limited in what I can do to add/change it unless I'm comfortable I can ensure it doesn't disrupt the existing functionality (if that makes sense). Similarly, I may "have to" add things that aren't relevant for some (or the majority) of forums. I'll always try to make it as customisable as possible, though.

If the system ends up not being right for you or your forum, removing the contents of the "support email" will hide the links from the various login forms :)


Fillip
 
Yes, the new XML file caused the Manage Recovery Critera item to show up just fine. (y)

However, if I un-check that Able to name last person private messaged…
Screen Shot 2016-07-13 at 1.57.07 PM.webp

The challenge question still shows up if a guest chooses Lost access to email account:confused:

Screen Shot 2016-07-13 at 2.00.32 PM.webp

Which seems to complicate things, for a (long-gone) returning user…especially if they don't-know. :(

So is that functioning as-designed?
 
It doesn't complicate anything as the criteria will be ignored - besides, it's a positive-scoring criteria so they won't be penalised for getting it wrong or leaving it blank :)

That being said, in the next version I'll hide that input area if that criteria is turned off :)


Fillip
 
DragonByte Tech updated [DBTech] DragonByte Security with a new update entry:

3.0.2

New Features:

Email Recovery Criteria: Paid Subscription Transaction ID
  • Users who can provide a valid paid subscription / user upgade transaction ID will by default receive a very high score, letting their recovery pass through
  • Score can be configured in the AdminCP

Email Recovery Criteria: Region
  • If the user's current IP is in the same region (e.g. state within the USA), a positive score can be applied to their request
  • Score...
Click to expand...

Read the rest of this update entry...
 
I just wanted to say how fine a job this add-on does. Today I was trying to revise a bit of code in our footer and before I could exit the board, I already had a notice in my email from this add-on that something was different. Kudos to DBT for making it so easy to SEE what happened whenever anything is edited.(i.e. Red shows as-found, while Green shows as-left)

Screen Shot 2016-07-30 at 4.48.48 PM.webp
 
Thank you very much for the kind words, much appreciated :)

XenForo itself made it easy for me to create this feature by having the "template diff" code easily usable to make diffs for ANY two pieces of text. That, along with HTML-enabled emails, is what made this feature possible. The XF devs deserve a lot of credit for the excellent job they have done in making XenForo a dream to develop for :D


Fillip
 
in "Force Password Change", isn't a way to force usergroup based? (so that we see a list of usergroups, and check any one them that we want to force password change)
Now I want to just force moderators to change their password. But I see no way to do it.
 
Dadparvar said:
in "Force Password Change", isn't a way to force usergroup based? (so that we see a list of usergroups, and check any one them that we want to force password change)
Now I want to just force moderators to change their password. But I see no way to do it.
Click to expand...
That is not currently possible, no.

You can manually edit your moderators and set the force password change flag for them there.


Fillip
 
DragonByte Tech said:
That is not currently possible, no.

You can manually edit your moderators and set the force password change flag for them there.


Fillip
Click to expand...
So I suggest it and hope to see it one day. Why? Imagine we decide to force a special usergroup that has +10.000 users. Definitely its not possible to manually do it then.

Thanks

One another question: I clicked on "account breach checker" and it is checking around 2 hours so far and yet not finished. Is it normal? (it checks 10 users per process and not it is on 9000th user and we should wait a lot until it finishes all users! and at the end of each 10 process it writes "Users edited successfully!". What is being edited there? I don't remember to set to edit anything for this function.)
 
Dadparvar said:
One another question: I clicked on "account breach checker" and it is checking around 2 hours so far and yet not finished. Is it normal?
Click to expand...
If you have a lot of users, then yes it is. It takes approx. 2 seconds per users to check the database.

Dadparvar said:
and at the end of each 10 process it writes "Users edited successfully!". What is being edited there? I don't remember to set to edit anything for this function.)
Click to expand...
Copy/paste phrases :)


Fillip
 
Hey,

Thank you for your help earlier by the way, very willing to help. Awesome product just having a few small newbie issues. 3 or 4 of our users have been locked out for incorrect password attempts from same ip. Is there anyway to see a list of locked out users and perhaps unlock their account? I'm not sure if our forum is sending them the email to unlock their account and can't find any email logs. Kinda stuck!

Edit: got sent a screenshot of the plugin saying a webmaster needs to unlock the account, how do I do this?

Thank you :)
 
Jacksta211 said:
Hey,

Thank you for your help earlier by the way, very willing to help. Awesome product just having a few small newbie issues. 3 or 4 of our users have been locked out for incorrect password attempts from same ip. Is there anyway to see a list of locked out users and perhaps unlock their account? I'm not sure if our forum is sending them the email to unlock their account and can't find any email logs. Kinda stuck!

Thank you :)
Click to expand...
If you mean they are locked out via the Account Lock feature in this mod, they can unlock it by clicking the link in their emails :)


Fillip
 
When trying to kill sessions, a security error has occurred. It's not seeming to make it to the error log.
 
You must log in or register to reply here.

Similar threads

DragonByte Tech
[DBTech] DragonByte Stripe Checkout
Replies
18
Views
566
Alpha1
Alpha1
DragonByte Tech
[DBTech] DragonByte WebP
Replies
16
Views
1K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte Social Groups [Paid]
3 4 5
Replies
92
Views
6K
Chernabog
Chernabog
Painbaker
[OzzModz] Russian languge for [DBTech] DragonByte Security
Replies
2
Views
654
Ozzy47
Ozzy47
Sado Yasashii
Russian language for [DBTech] DragonByte eCommerce
Replies
0
Views
493
Sado Yasashii
Sado Yasashii
Top Bottom