[DBTech] DragonByte Security

[DBTech] DragonByte Security 4.7.0

No permission to download
Feature: Improved session information display, now parses browser and OS
Feature: Optionally exclude TFA-enabled users from batch update actions
Change: Refactored backend code
Change: Bump minimum PHP version to 7.4 and recommended version to 8.2
Change: Update dependencies to the latest version(s)
Fix: User agent is now updated for login sessions
Fix: Bad Behavior would run on PHP versions newer than it supports
Fix: Fix PHP 8.2 compatibility issues
Fix: Fix PHP 8.4 compatibility issue
Update highlights

This version fixes an issue where certain custom entries in the config.php file would produce a server error if the "Config Tamper" security watcher was enabled.

Complete Change Log

Fix: Fix Config Tamper watcher producing a server error when running on XenForo Cloud / with certain config.php additions
Update highlights

This version fixes an issue where an old, unused block of code could be used to delete other users' "Remember Me" records.


Complete Change Log

Fix: Fixed an issue where it was possible to delete other users' "Remember Me" records
Change: Change UTF-8 related functions
Fix: Certain URLs could cause a server error in dispatcherPostRender
  • This version fixes an issue with "Always show CAPTCHA when logging in to: front-end" option if the login form was loaded via AJAX (i.e. in an overlay).
Complete Change Log
  • Fix: The "Always show CAPTCHA when logging in to: front-end" option would not function correctly if the login form was loaded via AJAX
Fix: Fix potential server error while upgrading other add-ons
Fix: "You must be logged in to do that" pages did not have captcha properly applied on first load
Fix: Fix incompatibility with 3rd party add-ons that also extend certain View classes
Fix: Using the new XF2 security locking feature in a Security Watcher could fail to apply the lock in certain scenarios

Release notes​

This version fixes a couple of issues with the new Login Captcha feature, as well as an issue with the new Security Lock feature in XenForo 2.2.
* **Fix:** Login captcha no longer applies to password confirmation screens
* **Feature:** Account unlocks now add an entry to the IP log *2022-01-27*
* **Feature:** Batch update: Account lock (user unlock) *2022-01-27*
* **Feature:** Optional forced CAPTCHA for front-end and AdminCP logins *2022-01-27*
* **Change:** Account locks (user unlock or admin unlock) are now logged in the User Change Log *2022-01-27*
* **Fix:** Fix potential server errors when viewing certain pages *2022-01-27*
* **Fix:** Fix an issue where the User Information watcher wasn't correctly limiting to the field described in the Watcher Rules *2022-01-27*
Change: Switch to a more stable method of updating the country list

Release notes​

This version updates the country fetching code to be more reliable, and no longer requires an API key. If you previously had problems fetching the country list, please run the "Update country list" cron job one more time manually, after which the list should populate itself correctly.

Furthermore, since no API key is needed, fresh installation should once again find the country list pre-populated.
Top