Title: malware
Last modified: July 18, 2021

---

# malware

 *  Resolved [USREC](https://wordpress.org/support/users/hawaiirealestate/)
 * (@hawaiirealestate)
 * [4 years, 10 months ago](https://wordpress.org/support/topic/malware-133/)
 * Does your Shield system detect and prevent .well-known/.bt hack?

Viewing 1 replies (of 1 total)

 *  Plugin Author [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * (@paultgoodchild)
 * [4 years, 10 months ago](https://wordpress.org/support/topic/malware-133/#post-14674999)
 * Yes, I assume this is the same question as posed [in our Facebook group](https://www.facebook.com/groups/ShieldSec/).
 * the `.bt` attack and other such attacks rely on modifying core WordPress PHP 
   files, and/or plugin/theme files.
 * Creation of the `.bt` files is a symptom of the problem, not the hack itself,
   so detecting changes in the core PHP files is the first line of defense here.
 * And yes, Shield will detect these changes and repair them if they are in your
   WP Core files. ShieldPRO will handle plugins and themes.

Viewing 1 replies (of 1 total)

The topic ‘malware’ is closed to new replies.

 * ![](https://ps.w.org/wp-simple-firewall/assets/icon-256x256.png?rev=3054572)
 * [Shield Security – Smart Bot Blocking, Brute-Force Login Protection & File Scanning](https://wordpress.org/plugins/wp-simple-firewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-simple-firewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-simple-firewall/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-simple-firewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-simple-firewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-simple-firewall/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Paul](https://wordpress.org/support/users/paultgoodchild/)
 * Last activity: [4 years, 10 months ago](https://wordpress.org/support/topic/malware-133/#post-14674999)
 * Status: resolved