What alternative text would you propose?
![[DBTech] DragonByte Security](/community/data/resource_icons/5/5193.jpg?1465255166){kind=icon}
[DBTech] DragonByte Security [Paid] 4.0.1
- Thread starter DragonByte Tech
- Start date
I would insert text that is less scary. This is simply a notification that their account may have been compromised at another website. It should be worded as such, a reminder or notice.
State the security of this website has not been compromised, it is just a friendly reminder that if they share a password or login information, their account details may have been exposed by the websites listed in this message. Something to this effect.
You me and the others in here understand what this is about, but the average Joe probably doesn't. The last thing we want is for someone to inadvertantly feel less secure, especially if they only glanced at the email and decide to never come back again thinking 'its another hacked site'.
State the security of this website has not been compromised, it is just a friendly reminder that if they share a password or login information, their account details may have been exposed by the websites listed in this message. Something to this effect.
You me and the others in here understand what this is about, but the average Joe probably doesn't. The last thing we want is for someone to inadvertantly feel less secure, especially if they only glanced at the email and decide to never come back again thinking 'its another hacked site'.
I'm not sure if this is a template modification or a template directly - if it's a TM, you can't edit it - but there's no setting for it at this time.
Alright, thank you. Just seen that I've accidentally posted in the XF1 category - should rather be in XF2. Mind throwing that onto your "suggestions" list?
What email address is used for the 'webmaster'?
In the security watchers, one option is to email the webmaster. What email address is that?
Because if it's the Default email address as set up at
/admin.php?options/groups/basicBoard/
then I'm never going to get those emails because that address is a noreply unmonitored address.
If this is the case, would it be possible to set up the 'webmaster' email address used by this addon separately?
In the security watchers, one option is to email the webmaster. What email address is that?
Because if it's the Default email address as set up at
/admin.php?options/groups/basicBoard/
then I'm never going to get those emails because that address is a noreply unmonitored address.
If this is the case, would it be possible to set up the 'webmaster' email address used by this addon separately?
It is sent to "Contact email address" - as per the description "Email address where board-related messages will be sent." this address should be able to receive email. If you have configured the contact email address to be an unmonitored one, you should change that.
Is it possible to disable/uninstall the plugin after running the "Force Password Change" option @DragonByte Tech ? Or must it remain active? And should it be possible to update to XF 2.x afterwards without issue? Users who didn't change prior to the XF2 update will still be asked to change?
Or would a "mass password reset" be better in that case?
Or would a "mass password reset" be better in that case?
Last edited:
It would be preferable to upgrade to XenForo 2.2 before attempting to use these features, because you can then simply use XF's built in "batch update" feature and this field:
Without needing to keep this add-on active.
D
Deleted member 91401
Guest
Support for the XenForo 1.5 version of this add-on has ended, sorry.
D
Deleted member 91401
Guest
I'm running the latest version of DB Security and latest version of Xenforo..
Then you should post in the right thread
[DBTech] DragonByte Security
DragonByte keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity. Uses DragonByte is the ideal product for forums that are concerned about security, or wish to be alerted...
xenforo.com
The XenForo 1 version of this add-on is deprecated, you should upgrade to XenForo 2.2 before worrying about anything else
I am running DB Security Pro v3.02 on Xenforo v1.5.2 and have a user who has been locked out of his account. He says he does not have an email from the board, with a LINK to click-on so he can unlock his account. I asked him for a printscreen of what he sees and I have attached it.
I am reposting my plea for help in just how to unlock this user's account, since DBT does not know where this unlock feature appears within the Admin CP. They said: "...edit the user in the AdminCP and set the security lock flag there."
I am hoping someone else who has used the DB Security add-on can tell me, because when I try to do so I find no such feature or option?
Can anyone else tell me where to find/access this unlock a user's account feature?
I am reposting my plea for help in just how to unlock this user's account, since DBT does not know where this unlock feature appears within the Admin CP. They said: "...edit the user in the AdminCP and set the security lock flag there."
I am hoping someone else who has used the DB Security add-on can tell me, because when I try to do so I find no such feature or option?
Can anyone else tell me where to find/access this unlock a user's account feature?
Apart form this:
In the XF2 version this is how it works:
.. and the fact that XF 1 does not receive security fixes anymore..The XenForo 1 version of this add-on is deprecated, you should upgrade to XenForo 2.2 before worrying about anything else
In the XF2 version this is how it works:
So, if there were no changes for XF2, you should see something like this, when editing the user in the admin cp:
No, I don't see that. What TAB is it under? I've looked through all of them and still no luck.
In XF2 there are no tabs anymore, when you edit a user (only collapsible areas).
On your own risk (better do a backup before you do this):
Go into the database and look for a table called
dbtech_security_account_lock, delete any entry for the user_id of the user account in question.Go to the table
user_option, search for the user_id of the user account and set dbtech_security_is_admin_locked to 0.
Well Thanxx for a backdoor method, but that's just beyond my comfortable skillset level. I just think there must be someway to unlock an account via the menu system of DB Security/Xenforo. Maybe someone will come along in time and see this post, who can fill me in on the way admins are intended to unlock an account.
