Compatible XF Versions 2.0 , 2.1 , 2.2
DragonByte keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity.
Uses
DragonByte is the ideal product for forums that are concerned about security, or wish to be alerted when something suspicious happens. Featuring multiple "Security Watchers" such as Failed Logins and Failed AdminCP Logins, you can set up different "tiers" of actions to be taken when certain thresholds are met. For example, if someone tries to log in to 5 different accounts from the same IP address in 1 hour, you can alert the webmaster. If they try 15 accounts in 1 hour, ban the IP address from your forum entirely.
It keeps a watchful eye on your configuration file, ensuring that it does not get modified by mods or plugins. You can also optionally receive email alerts when any template is modified, including a colourised change log, so you can easily see if someone has added malicious code to your templates.
Add in the ability to permanently trust devices in your XenForo's Two-Factor Authentication module, as well as managing trusted devices and login sessions via your Account page, DragonByte can easily be called one of the most comprehensive security suites for your XenForo forum.
Major Features
Security Watchers: Keep an eye on the most important aspects of XenForo: config.php tampering, AdminCP / User Account access attempts, XenForo Options, User Data, Usergroup Settings and Usergroup Permissions.
Detailed changelogs available for each watcher dealing with changes.
IP Ban, User Ban, Email alerts and temporary forum closure options available for each watcher individually.
Password Expiry: Passwords can be set to expire on a per-usergroup basis after X days. Users will be redirected to the password management screen with a notice saying why they need to change their password.
Password Rules: Set rules for new passwords per-usergroup; minimum length, must contain lower-case, must contain upper-case, must contain numbers, must contain symbols. Can even be applied to new registrations by setting the usergroup permissions for the "Unregistered" group.
Device Trust: Permanently trust a device / IP address combination (optional; on top of XenForo's native 30-day trust) as well as the ability to revoke trust at any time via the Two-Factor Authentication page in your Account page.
Session Management: Easily see all devices your account is currently signed in at (since installing this mod), with the ability to one-click log out any devices you do not recognise.
"Bad Behavior" Integration: Integrate with bad-behavior.ioerror.us to detect malicious traffic and block it using this easy-to-use, free (at the time of writing) remote detection service.
DragonByte keeps a watchful eye over your forum even when you are not there, and has the capability to alert you of any suspicious activity.
Uses
DragonByte is the ideal product for forums that are concerned about security, or wish to be alerted when something suspicious happens. Featuring multiple "Security Watchers" such as Failed Logins and Failed AdminCP Logins, you can set up different "tiers" of actions to be taken when certain thresholds are met. For example, if someone tries to log in to 5 different accounts from the same IP address in 1 hour, you can alert the webmaster. If they try 15 accounts in 1 hour, ban the IP address from your forum entirely.
It keeps a watchful eye on your configuration file, ensuring that it does not get modified by mods or plugins. You can also optionally receive email alerts when any template is modified, including a colourised change log, so you can easily see if someone has added malicious code to your templates.
Add in the ability to permanently trust devices in your XenForo's Two-Factor Authentication module, as well as managing trusted devices and login sessions via your Account page, DragonByte can easily be called one of the most comprehensive security suites for your XenForo forum.
Major Features
Security Watchers: Keep an eye on the most important aspects of XenForo: config.php tampering, AdminCP / User Account access attempts, XenForo Options, User Data, Usergroup Settings and Usergroup Permissions.
Detailed changelogs available for each watcher dealing with changes.
IP Ban, User Ban, Email alerts and temporary forum closure options available for each watcher individually.
Password Expiry: Passwords can be set to expire on a per-usergroup basis after X days. Users will be redirected to the password management screen with a notice saying why they need to change their password.
Password Rules: Set rules for new passwords per-usergroup; minimum length, must contain lower-case, must contain upper-case, must contain numbers, must contain symbols. Can even be applied to new registrations by setting the usergroup permissions for the "Unregistered" group.
Device Trust: Permanently trust a device / IP address combination (optional; on top of XenForo's native 30-day trust) as well as the ability to revoke trust at any time via the Two-Factor Authentication page in your Account page.
Session Management: Easily see all devices your account is currently signed in at (since installing this mod), with the ability to one-click log out any devices you do not recognise.
"Bad Behavior" Integration: Integrate with bad-behavior.ioerror.us to detect malicious traffic and block it using this easy-to-use, free (at the time of writing) remote detection service.