[DBTech] DragonByte Security

[DBTech] DragonByte Security [Paid] 4.7.0

No permission to buy ($14.95)
Overview Updates (45) Reviews (3) History Discussion
Nirjonadda said:
What a problems in HaveIBeenPwned? So this will generated server error log and can not stop this?
Click to expand...
It seems like HIBP have shut down v2 of their API. v3 will cost money to use ($3.50 monthly) and requires authentication. I'll release an updated version with support for v3 once it's ready.

Meanwhile, turn off the breach checker.
 
DragonByte Tech said:
It seems like HIBP have shut down v2 of their API. v3 will cost money to use ($3.50 monthly) and requires authentication. I'll release an updated version with support for v3 once it's ready.

Meanwhile, turn off the breach checker.
Click to expand...

OK ! Email Recovery Options functionality still are not implemented?

ScreenShot01177.webp
 
Nirjonadda said:
OK ! Email Recovery Options functionality still are not implemented?

View attachment 208547
Click to expand...
Not yet, no.

Nirjonadda said:
@DragonByte Tech Also Please update to Bad Behavior v2.2.23, Bad Behavior 2.2.23 has been released in August 7, 2019. This is a maintenance release and is suitable for all users.
Click to expand...
No, I don't plan on making any updates to the Bad Behaviour integration unless actual problems are highlighted that necessitates the update. When their v3 gets released (if it ever does), it'll be kept up to date with each version of DB Security as it'll integrate with the Composer feature in XenForo, but for now I am making minimal manual updates.
 
DragonByte Tech updated [DBTech] DragonByte Security with a new update entry:

4.2.7

Update highlights

This version is an "emergency" update to address the closure of the existing HaveIBeenPwned integration, which powers the "Account breach checker" feature.

v3 of their API requires authentication, and a monthly payment to continue using it. Please see the blog entry on the creator's website for more information: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/

It is not possible to...
Click to expand...

Read the rest of this update entry...
 
DragonByte Tech said:
No, I don't plan on making any updates to the Bad Behaviour integration unless actual problems are highlighted that necessitates the update. When their v3 gets released (if it ever does), it'll be kept up to date with each version of DB Security as it'll integrate with the Composer feature in XenForo, but for now I am making minimal manual updates.
Click to expand...

No way can not manual updates Bad Behaviour? Also Enable account breach check option moved to under Watcher Options? Please add functionality can view Account lock log.
 
Last edited:
@DragonByte Tech I am still getting lot of Server error log with using API v3 ($3.50 monthly)

Code: 
ErrorException: Received unexpected response code 403 (Forbidden) src/XF/Error.php:75

Generated by: Unknown account Aug 17, 2019 at 5:47 PM

Stack trace

#0 src/XF.php(187): XF\Error->logError(Object(XF\Phrase), false)
#1 src/addons/DBTech/Security/Repository/Watcher.php(297): XF::logError(Object(XF\Phrase))
#2 src/addons/DBTech/Security/XF/Service/User/Login.php(50): DBTech\Security\Repository\Watcher->breachCheck(Object(Datio\AllowedEmails\XF\Entity\User))
#3 src/XF/Service/User/Login.php(124): DBTech\Security\XF\Service\User\Login->recordFailedAttempt()
#4 src/XF/Pub/Controller/Login.php(93): XF\Service\User\Login->validate('*****', NULL)
#5 src/XF/Mvc/Dispatcher.php(321): XF\Pub\Controller\Login->actionLogin(Object(XF\Mvc\ParameterBag))
#6 src/XF/Mvc/Dispatcher.php(244): XF\Mvc\Dispatcher->dispatchClass('XF:Login', 'Login', Object(XF\Mvc\RouteMatch), Object(xenMade\LAU\XF\Pub\Controller\Login), NULL)
#7 src/XF/Mvc/Dispatcher.php(100): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(xenMade\LAU\XF\Pub\Controller\Login), NULL)
#8 src/XF/Mvc/Dispatcher.php(50): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#9 src/XF/App.php(2178): XF\Mvc\Dispatcher->run()
#10 src/XF.php(390): XF\App->run()
#11 index.php(20): XF::runApp('XF\\Pub\\App')
#12 {main}

Request state

array(4) {
  ["url"] => string(12) "/login/login"
  ["referrer"] => string(74) "/email-stop/6314/?c=c6fdb16682722a79d05bbbdd66596bf5"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(4) {
    ["login"] => string(23) "@gmail.com"
    ["password"] => string(8) "********"
    ["_xfRedirect"] => string(74) "/email-stop/6314/?c=c6fdb16682722a79d05bbbdd66596bf5"
    ["_xfToken"] => string(8) "********"
  }
}
 
One of the options in the feature list is the following:
Country Blocking
  • You can now block any country from your forum easily by selecting the country via the new AdminCP page
  • Uses XenForo's IP Ban system to ban the IP ranges assigned to each country
Click to expand...
Is this simply limited to banning a country, or is there an option to have posts made by people from certain countries to be put On Moderation?
 
051119 said:
One of the options in the feature list is the following:Is this simply limited to banning a country, or is there an option to have posts made by people from certain countries to be put On Moderation?
Click to expand...
It adds all IP addresses found to be belonging to that country on your forum’s IP Banning list. It does not feature any moderation integration.
 
DragonByte Tech updated [DBTech] DragonByte Security with a new update entry:

4.3.0

Update highlights

This version is a major upgrade, adding support for various kinds of security keys (such as a YubiKey) to the Two-Step Authentication feature, as well as the password confirmation screen.

Setting up a security key as a two-step authentication method is as easy as it is on any other site; navigate to the Two-Step screen in XenForo, and click "Enable" next to "Verification via security key". Once enabled, repeat visits to the Two-Step screen can also take...
Click to expand...

Read the rest of this update entry...
 
@DragonByte Tech Can not update to 4.3.0 because Server error log.

Code: 
XF\Db\InvalidQueryException: Batch install error: xf_user_tfa_trusted: MySQL statement prepare error [1101]: BLOB, TEXT, GEOMETRY or JSON column 'dbtech_security_user_agent' can't have a default value src/XF/Db/AbstractStatement.php:217

Generated by: Nirjonmela Sep 19, 2019 at 9:36 PM

Stack trace

ALTER TABLE `xf_user_tfa_trusted`
CHANGE COLUMN `user_agent` `dbtech_security_user_agent` BLOB DEFAULT ''
------------

#0 src/XF/Db/Mysqli/Statement.php(196): XF\Db\AbstractStatement->getException('MySQL statement...', 1101, '42000')
#1 src/XF/Db/Mysqli/Statement.php(39): XF\Db\Mysqli\Statement->getException('MySQL statement...', 1101, '42000')
#2 src/XF/Db/Mysqli/Statement.php(54): XF\Db\Mysqli\Statement->prepare()
#3 src/XF/Db/AbstractAdapter.php(94): XF\Db\Mysqli\Statement->execute()
#4 src/XF/Db/Schema/AbstractDdl.php(151): XF\Db\AbstractAdapter->query('ALTER TABLE `xf...')
#5 src/XF/Db/SchemaManager.php(149): XF\Db\Schema\AbstractDdl->apply()
#6 src/addons/DBTech/Security/Setup.php(992): XF\Db\SchemaManager->alterTable('xf_user_tfa_tru...', Object(Closure))
#7 src/XF/AddOn/StepRunnerUpgradeTrait.php(122): DBTech\Security\Setup->upgrade904030051Step1(Array)
#8 src/XF/AddOn/StepRunnerUpgradeTrait.php(71): DBTech\Security\Setup->upgradeStepRunner(904030051, 1, Array, NULL)
#9 src/XF/Job/AddOnInstallBatch.php(297): DBTech\Security\Setup->upgrade(Array)
#10 src/XF/Job/AddOnInstallBatch.php(90): XF\Job\AddOnInstallBatch->stepAction(Object(XF\Timer))
#11 src/XF/Job/Manager.php(253): XF\Job\AddOnInstallBatch->run(G)
#12 src/XF/Job/Manager.php(195): XF\Job\Manager->runJobInternal(Array, G)
#13 src/XF/Job/Manager.php(111): XF\Job\Manager->runJobEntry(Array, G)
#14 src/XF/Admin/Controller/Tools.php(120): XF\Job\Manager->runByIds(Array, 8)
#15 src/XF/Mvc/Dispatcher.php(321): XF\Admin\Controller\Tools->actionRunJob(Object(XF\Mvc\ParameterBag))
#16 src/XF/Mvc/Dispatcher.php(244): XF\Mvc\Dispatcher->dispatchClass('XF:Tools', 'RunJob', Object(XF\Mvc\RouteMatch), Object(NF\Discord\XF\Admin\Controller\Tools), NULL)
#17 src/XF/Mvc/Dispatcher.php(100): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(NF\Discord\XF\Admin\Controller\Tools), NULL)
#18 src/XF/Mvc/Dispatcher.php(50): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#19 src/XF/App.php(2178): XF\Mvc\Dispatcher->run()
#20 src/XF.php(390): XF\App->run()
#21 admin.php(13): XF::runApp('XF\\Admin\\App')
#22 {main}

Request state

array(4) {
  ["url"] => string(24) "/admin.php?tools/run-job"
  ["referrer"] => string(46) "https://nirjonmela.com/admin.php?tools/run-job"
  ["_GET"] => array(1) {
    ["tools/run-job"] => string(0) ""
  }
  ["_POST"] => array(3) {
    ["_xfRedirect"] => string(81) "/admin.php?add-ons/install-from-archive-complete&batch_id=1"
    ["_xfToken"] => string(8) "********"
    ["only_ids"] => string(5) "95650"
  }
}
 
Nirjonadda said:
@DragonByte Tech Can not update to 4.3.0 because Server error log.

Code: 
XF\Db\InvalidQueryException: Batch install error: xf_user_tfa_trusted: MySQL statement prepare error [1101]: BLOB, TEXT, GEOMETRY or JSON column 'dbtech_security_user_agent' can't have a default value src/XF/Db/AbstractStatement.php:217

Generated by: Nirjonmela Sep 19, 2019 at 9:36 PM

Stack trace

ALTER TABLE `xf_user_tfa_trusted`
CHANGE COLUMN `user_agent` `dbtech_security_user_agent` BLOB DEFAULT ''
------------

#0 src/XF/Db/Mysqli/Statement.php(196): XF\Db\AbstractStatement->getException('MySQL statement...', 1101, '42000')
#1 src/XF/Db/Mysqli/Statement.php(39): XF\Db\Mysqli\Statement->getException('MySQL statement...', 1101, '42000')
#2 src/XF/Db/Mysqli/Statement.php(54): XF\Db\Mysqli\Statement->prepare()
#3 src/XF/Db/AbstractAdapter.php(94): XF\Db\Mysqli\Statement->execute()
#4 src/XF/Db/Schema/AbstractDdl.php(151): XF\Db\AbstractAdapter->query('ALTER TABLE `xf...')
#5 src/XF/Db/SchemaManager.php(149): XF\Db\Schema\AbstractDdl->apply()
#6 src/addons/DBTech/Security/Setup.php(992): XF\Db\SchemaManager->alterTable('xf_user_tfa_tru...', Object(Closure))
#7 src/XF/AddOn/StepRunnerUpgradeTrait.php(122): DBTech\Security\Setup->upgrade904030051Step1(Array)
#8 src/XF/AddOn/StepRunnerUpgradeTrait.php(71): DBTech\Security\Setup->upgradeStepRunner(904030051, 1, Array, NULL)
#9 src/XF/Job/AddOnInstallBatch.php(297): DBTech\Security\Setup->upgrade(Array)
#10 src/XF/Job/AddOnInstallBatch.php(90): XF\Job\AddOnInstallBatch->stepAction(Object(XF\Timer))
#11 src/XF/Job/Manager.php(253): XF\Job\AddOnInstallBatch->run(G)
#12 src/XF/Job/Manager.php(195): XF\Job\Manager->runJobInternal(Array, G)
#13 src/XF/Job/Manager.php(111): XF\Job\Manager->runJobEntry(Array, G)
#14 src/XF/Admin/Controller/Tools.php(120): XF\Job\Manager->runByIds(Array, 8)
#15 src/XF/Mvc/Dispatcher.php(321): XF\Admin\Controller\Tools->actionRunJob(Object(XF\Mvc\ParameterBag))
#16 src/XF/Mvc/Dispatcher.php(244): XF\Mvc\Dispatcher->dispatchClass('XF:Tools', 'RunJob', Object(XF\Mvc\RouteMatch), Object(NF\Discord\XF\Admin\Controller\Tools), NULL)
#17 src/XF/Mvc/Dispatcher.php(100): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(NF\Discord\XF\Admin\Controller\Tools), NULL)
#18 src/XF/Mvc/Dispatcher.php(50): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#19 src/XF/App.php(2178): XF\Mvc\Dispatcher->run()
#20 src/XF.php(390): XF\App->run()
#21 admin.php(13): XF::runApp('XF\\Admin\\App')
#22 {main}

Request state

array(4) {
  ["url"] => string(24) "/admin.php?tools/run-job"
  ["referrer"] => string(46) "https://nirjonmela.com/admin.php?tools/run-job"
  ["_GET"] => array(1) {
    ["tools/run-job"] => string(0) ""
  }
  ["_POST"] => array(3) {
    ["_xfRedirect"] => string(81) "/admin.php?add-ons/install-from-archive-complete&batch_id=1"
    ["_xfToken"] => string(8) "********"
    ["only_ids"] => string(5) "95650"
  }
}
Click to expand...
I've added a hot fix that should resolve the issue :)
 
I think this are same Xenforo Verification code via app Two-step verification providers and enabled Active providers by default without configuration?
 
Can a verification method be forced? I have someone who shares their account and they are not supposed to. IP addresses are increasingly unreliable.

By the way, super glad to see this become a feature afterall! I'll be testing it with my keys soon.
 
doublespaces said:
Can a verification method be forced? I have someone who shares their account and they are not supposed to. IP addresses are increasingly unreliable.

By the way, super glad to see this become a feature afterall! I'll be testing it with my keys soon.
Click to expand...
You can't force a verification method, only force the verification itself. There's a user group permission setting for whether Two-step verification is required.

You can put this naughty account sharer in a special user group whose permissions all say "No" except for this permission (so as to not inadvertently override some other permission), then add that user to that group as one of their secondary groups.

They will then be forced to use 2FA, which at worst makes it more of a hassle for them to share.
 
You must log in or register to reply here.

Similar threads

DragonByte Tech
[DBTech] DragonByte Stripe Checkout
Replies
18
Views
564
Alpha1
Alpha1
DragonByte Tech
[DBTech] DragonByte WebP
Replies
16
Views
1K
DragonByte Tech
DragonByte Tech
DragonByte Tech
[DBTech] DragonByte Social Groups [Paid]
3 4 5
Replies
92
Views
6K
Chernabog
Chernabog
Painbaker
[OzzModz] Russian languge for [DBTech] DragonByte Security
Replies
2
Views
654
Ozzy47
Ozzy47
Sado Yasashii
Russian language for [DBTech] DragonByte eCommerce
Replies
0
Views
493
Sado Yasashii
Sado Yasashii
Top Bottom