Reply To: Wordfence (issues with modified GOTMLS files)

Home Forums Support Forum Wordfence (issues with modified GOTMLS files) Reply To: Wordfence (issues with modified GOTMLS files)

#1256
Anti-Malware Admin
Anti-Malware Admin
Key Master

These files are not malicious, they are written by the Brute-Force Login patch installed by my plugin. These are essentially log files that record all the failed login attempts. As you can see from the info you have decoded, those files store a timestamp and method in a serialized array.

I don’t want to use the database to store that info because the whole point of my Brute-Force patch is to preempt the WordPress boot-loader so as to prevent attacks from having a DDoS effect on your server.

I am working on a better way to do this though, one that does not require writing to files or using a session.