xF2 Add-on - [DBTech] DragonByte Security - Updates | NulledTeam UnderGround | The Best Scripts Site In The World
[DBTech] DragonByte Security

xF2 Add-on [DBTech] DragonByte Security 4.3.2

No permission to download
Update highlights

This version updates the "Account locked" function to log its state changes in the user change log, similar to other flags in the core XenForo product.

It also resolves a potential server error on install, if the API that fetches the country list is inaccessible.

Complete Change Log

Feature: Log "account locked" status in the User Change Log
Fix: Fix a potential server during install
Update highlights

This version is a quick maintenance update to fix some reported bugs, as well as improved compliance with the XenForo Resource Guidelines.

The most important fix is PHP 7.4 compatibility; PHP 7.4 is now officially supported.

Complete Change Log

Change: Updated internal data path references to better support CDNs
Fix: Fix curly brace syntax for PHP 7.4
Fix: Fixed an issue where adding a closure / anonymous function to config.php could cause issues with the config tamper detection
Update highlights

This version is a major upgrade, adding support for various kinds of security keys (such as a YubiKey) to the Two-Step Authentication feature, as well as the password confirmation screen.

Setting up a security key as a two-step authentication method is as easy as it is on any other site; navigate to the Two-Step screen in XenForo, and click "Enable" next to "Verification via security key". Once enabled, repeat visits to the Two-Step screen can also take advantage of your security key to bypass needing to enter your password.

This feature even works with "Windows Hello", found in the Microsoft Edge browser for Windows 10. You don't even need a physical security key!
(The computer needs to support the Trusted Platform Module to enable this feature.)

You can see this in action @ www.DragonByte-Tech.com if you own a FIDO-U2F or FIDO2 compatible security key.

Please be aware that this feature requires PHP 7.2.0 or newer. It will not appear for users on your site if you are running PHP 7.1 or older.

Complete Change Log

Feature: Security keys can now be used as a two-step authentication method [!!!REQUIRES PHP 7.2 OR HIGHER!!!]
Security keys can now be integrated with password confirm screens [!!!REQUIRES PHP 7.2 OR HIGHER!!!]
Rename a couple of database columns to ensure they comply with the resource guidelines
Fix: Fix a regression with the HIBP API
Update highlights

This update changes the way the "Country Blocks" feature works internally.

Prior to this update, IP addresses were updated and saved to the ban log when you made changes to the "Country Blocks" page without any kind of background processing. This meant that if you were trying to block either a large number of countries, or a country with a large IP block such as China or the United States, the page could time out.

In this update, the IP addresses are updated and blocked in the background when you save the page, reducing the risk of timeout errors.

Complete Change Log

Change: Country blocks are now saved / updated in the background
Update highlights

This release features back-end only changes, making required changes to support XenForo 2.1.

In addition, an issue with a template modification being incorrectly applied in the Admin panel, causing a server error during an upgrade of this product, has been fixed. It is safe to ignore that error, this upgrade is the last time it'll appear (hopefully!) :)

Complete Change Log

Change: Updated various HTTP requests to match the changes in XF 2.1
Fix: Fixed an issue where a template modification would display a server error during an upgrade of this addon. It is safe to ignore that error.
Because of a backwards breaking change in XenForo 2.1, and because I plan to take advantage of new features only available in XenForo 2.1, the next version will require XenForo 2.1.

The current version will NOT work with XenForo 2.1. A blocking issue has been identified with XenForo 2.1:
  • Certain Cron jobs will not work due to a change in the back-end code that powers XenForo (A.K.A. "The Guzzle Change")
The issue has been fixed in an internal build that will be released A.S.A.P., once I am confident enough there are no other blocking issues.

In the meantime, I will release a "Gold" version of the current beta or RC version. This "Gold" version should work fine with XenForo 2.1. There are no known blocking issues with the planned "Gold" version of this mod preventing it from running on XenForo 2.1.
Update highlights

This update improves the "Account Lock" and "Password Change" features by allowing you to set redirect whitelists, just like XF2's "Terms of Service whitelist".

Lastly, it fixes a race condition where it was possible for a user to get stuck in a redirect loop if they were forced to accept the ToS / Privacy Policy and change their password at the same time.

Complete Change Log

Feature: Route whitelist feature for the "Account Lock" redirect
Feature: Route whitelist for the "Password Change" redirect
Fix: Fixed an infinite redirect loop when a user was forced to change their password AND accept privacy policy / terms
Update highlights

This update fixes an issue with the Bad Behavior integration where it would generate a server error after inserting new data.

Complete Change Log

Fix: Fixed an issue where Bad Behavior would cause a server error