Magento – Why does the var folder contain brute-force.ini

magento-1.9

In the var folder, a file has suddenly appeared called brute-force.ini.

Is it harmful or not? Can I delete this file?

Best Answer

There is this awesome tool called google. It usually helps to look there first ;)

First result:

https://community.magento.com/t5/Security-Patches/brute-force-ini/m-p/54215#M2288

This file is saved when Magento detects failed login attemps to the downloader. (This feature was introduced on Magento 1.9.3)

A warning for everybody who is tempted to delete `var/session`!

This will log out all your customers and delete the carts of guest customers. If you have visitors that might want to buy something, this is really bad for your business!

If your disk is full and your goal is to make some space, you can use this command to only remove session files older than 7 days:

find var/session -name 'sess_*' -type f -mtime +7 -delete

Best Answer

Related Solutions

Magento – Magento Log folder permissions getting revoked everytime

Magento 1.9 – Keeping Customers Logged In After Deleting var/session

A warning for everybody who is tempted to delete var/session!

Related Topic

A warning for everybody who is tempted to delete `var/session`!