2017-12-10, 05:10 AM
An idea I snatched from Discourse. When you run a backup, you can't download it from the Control Panel; instead, Discourse will email you a link to it. I think it could help here, although if the email can be changed via the User Manager, then it might cause a problem, so you might want to make it a super admin thing in config.php?
Possibly something like (pseudo-code):
$config["superadmins"][] = ["id" => 85, "email" => "[email protected]"];
...and completely disable changing the email in the ACP (or force override it, if it is changed, even via the database).
Of course, this won't help against social engineering, if someone got access to your account via your email.
It's probably a lot easier for Discourse, as they colocate their servers, and live down the road from the datacenter.
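A sketch of the pinned-address idea from the post above, added here as an example and not taken from the original post or from any forum software's code. The function names, the user-row shape and the example.invalid addresses are assumptions made for illustration.

```php
<?php
// Constructed config: super admins pinned by user id, as in the post's pseudo-code.
$config = ['superadmins' => [
    ['id' => 85, 'email' => 'owner@example.invalid'], // constructed address
]];

// Hypothetical helper: the pinned email for a user id, or null if not a super admin.
function pinned_email(array $config, int $userId): ?string
{
    foreach ($config['superadmins'] ?? [] as $entry) {
        if ((int) $entry['id'] === $userId) {
            return $entry['email'];
        }
    }
    return null;
}

// Hypothetical helper: decide where a backup link is sent.
// The address stored in the database is never used as the destination;
// it is only compared against the pinned one so a changed row can be flagged.
function backup_recipient(array $config, array $userRow): array
{
    $pinned = pinned_email($config, (int) $userRow['id']);
    if ($pinned === null) {
        return ['to' => null, 'drift' => false]; // not a super admin: no link
    }
    $drift = strcasecmp(trim($userRow['email']), $pinned) !== 0;
    return ['to' => $pinned, 'drift' => $drift];
}

// Hypothetical helper: the ACP check that refuses email edits for pinned accounts.
function can_change_email(array $config, int $targetUserId): bool
{
    return pinned_email($config, $targetUserId) === null;
}

// Constructed rows standing in for the users table.
$changed = ['id' => 85, 'email' => 'someone-else@example.invalid'];
$regular = ['id' => 12, 'email' => 'member@example.invalid'];

var_dump(backup_recipient($config, $changed)); // pinned address wins, drift flagged
var_dump(backup_recipient($config, $regular)); // no recipient
var_dump(can_change_email($config, 85));       // edit refused for the pinned account
```

A drift flag is worth logging or alerting on, since it means the stored address was changed outside the config file.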