This document discusses PHP shells, which are malicious files containing PHP functions used to run arbitrary commands supplied by attackers. PHP shells are usually delivered through exploited third-party plugins and are a threat as they allow attackers to compromise servers. The document provides tips on defending against PHP shells such as sanitizing user input, restricting PHP usage, and removing any shell files found on servers.