June 2004 to March, 2012
Random header image... Refresh for more!

Free WordPress themes may need cleaning

The Problem: Makers of those free WordPress themes may not be as altruistic as they seem. Many include code in their themes that you don’t know about. That’s not nice. Worse, the secret code is often “obfuscated” so that you can’t read it to see what it does.

The threat could be relatively minor, just increasing the theme maker’s search engine ranking by spreading self-serving link-backs. Or, it could contain malware that does bad things. You don’t want that, of course, so you need a way to check themes before you use them.

The Answer: You need the TAC (Theme Authenticity Checker) plugin for WordPress. It will check the themes you have installed and give you a report… like this screenshot.

As you see, my theme is clean but a static link is reported. The “Details” button reveals the link to be one to an organization that the author wishes to support. That’s fine, and the author makes it clear that leaving the link in place is optional.

If the plugin reveals sneaky stuff you could attempt to remove it and use the theme anyway, but I would advise avoiding the theme altogether.


There are no comments yet...

Kick things off by filling out the form below.

Leave a Comment