[DBTech] DragonByte Security is a security plugin for the XenForo forum that monitors your forum even when you are not there, and has the ability to alert you to any suspicious activity.
[DBTech] DragonByte Security is the perfect product for forums that are concerned about security or want to be warned when something suspicious happens. Thanks to several Security Observers, such as authorization errors, you can configure various “levels” of actions to take when certain thresholds are executed. For example, if someone tries to log in to 5 different accounts from the same IP address in 1 hour, you can alert webmasters. If they try 15 accounts in 1 hour, completely block the IP address.
It closely monitors your configuration file, ensuring that it is not modified by mods or plugins. You can also receive email alerts when a template is changed, including a color change log, so you can easily see if someone has added malicious code to your templates.
Detailed change lists are available for each observer who deals with the changes.
IP Ban, User Ban, email alerts and temporary forum close options for each individual observer.Password Expiration: Passwords can be set to expire for each group after X days. Users will be redirected to the password management screen with a notification about why they should change their password.
Password rules: set rules for new passwords for each group; the minimum length must contain lower case, must contain upper case, must contain numbers, must contain characters. You can even apply to new registrations by setting user group permissions for the Unregistered group.
Device Trust: constantly trust the combination of devices / IP addresses (optional, over the XenForo 30-day trust), as well as the ability to cancel trust at any time using the two-factor authentication page on your account page.
Session management: it is easy to see all the devices on which your account is currently registered (since the installation of this mod), with the possibility of a single shutdown of any devices that you do not recognize.
Integration “Bad behavior”: integrate with http://bad-behavior.ioerror.us/ to detect malicious traffic and block it with this easy-to-use, free (at the time of writing) remote detection service.