Hi Kuno,
I am glad you find my plugin useful. I find it curious that you would ask me to review and compare my own plugin to Wordfence, but I’ll do my best to give you a fair comparison.
The short answer is that I think it’s pretty obvious that Wordfence is better than my Anti-Malware plugin because, While both plugins get ranked about the same by reviewer, Wordfence has more than ten times the reviews and download. Mark started on Wordfence at about the same time as I started on GOTMLS Anti-Malware. I think we were both responding to a major threat in the TimThumb vulnerability that was causing widespread exploits of WordPress site (and other platforms that used TimThumb too).
The major difference between our plugins from the beginning has been that, while both plugins have always been free, my plugin has required that users register each site they put it on in order to download Definition Updates (which are critical to detecting and removing new threats). We have both worked very hard to maintain and improve our respective plugins but my main focus has been automatic cleanup and removal of Known Threats and Brute-Force prevention, while Mark has branched out expanding Wordfence into many different area of prevention. In retrospect I think that requiring users to register was limiting the reach of my plugin far too much. I am currently working on expanding my plugin’s capabilities and I am strongly considering making the user registration optional.
In conclusion, if I may read into your question a little, I will give you my advice on a good WordPress security strategy. While there are a lot of security plugins out there to choose from there are only a few that are really good, IMHO. I have been told (and seen with my own eyes) that my plugin has found and removed threats that other’s like Wordfence and Sucuri have not found, and I know that the same can be said for them as well. We are all evolving and adapting to the ever-change world of hacker and no single plugin can protect yous site from every threat all the time. So, I think you should use all three plugins, GOTMLS, Wordfence, and Sucuri. I feel that Wordfence is worth the $39/year and I also believe that my plugin is worthy of a fair donation. If you are ever in a jam and Sucuri finds something that GOTMLS and Wordfence can’t find then you can always pay themm $89 to help you clean up your site.
Please note: If you ever find a threat on your site that my plugin cannot find please email me directly so I can add it to my Definition Update. You can attach the infected files as text files or send your WP Admin login to me: eli AT gotmls DOT net
Aloha, Eli
