[RSS Feed/News] Restrict password request rate for registered users who currently have no password set.

[XenForo]

Currently (XF2.2.2), when a user doesn't have a password set for their account and requests a password via the "Password and security" page, they can send any number of requests without any restrictions. Of course, they can only flood their own email account in such a way, but this also unnecessarily stresses the forum's email server. An option is required to restrict the rate at which registered users can request a password emailed to them in such a way.

Thanks!

ادامه مطلب...