Reply To: Wordfence (issues with modified GOTMLS files)

September 28, 2015 at 1:25 pm #1256

Key Master

These files are not malicious, they are written by the Brute-Force Login patch installed by my plugin. These are essentially log files that record all the failed login attempts. As you can see from the info you have decoded, those files store a timestamp and method in a serialized array.

I don’t want to use the database to store that info because the whole point of my Brute-Force patch is to preempt the WordPress boot-loader so as to prevent attacks from having a DDoS effect on your server.

I am working on a better way to do this though, one that does not require writing to files or using a session.

Testimonials

Grazie per il vostro supporto prodotto ottimo.
-- caporuscio tommaso

This plugin is one of those I immediately install after setting up a new wordpress. It is easy to run a complete scan of the wordpress-site and the anti malware plugin even repairs infected files. This feature saves a lot of time, if many files of the custom-files in a wordpress-installation got infected. I am really happy that I found this plugin! Thanks Eli!
-- Sir Apfelot

Eli, you continue to have my eternal appreciation for your work and this wonderful plugin!!! Thank you again so much for your time and willingness to be a help in this world!

Sherry
-- sherry b.

Get Off Those Maliciously Loaded Scripts!
Download this free Anti-Malware Plugin for WordPress.