Results 1 to 9 of 9

Thread: Be careful where you get your theme from

  1. #1
    Mike-XS's Avatar
    Mike-XS is offline XeroAgent
    Join Date
    Sep 2009
    Location
    OZ
    Posts
    209
    Thanks
    30
    Thanked 109 Times in 71 Posts

    Be careful where you get your theme from

    Just a reminder about all the bad Wordpress themes that are being given away and why you need to be careful where you get your WP themes from.

    Here's a good example of one site who have been caught out distributing WP themes with hidden tracking codes to monitor every person who visits a site using one of their themes. The tracking server went offline and every one using the bugged themes started getting errors on their sites.

    Wordpress user: Be careful where you get your theme from

    Wordpress themes are not just design templates, they contain PHP code and must be validated before use. Not only because of bugs, but some may contain malicious code in there. Specially if you download from random web sites and not from Wordpress.org (not saying that every theme at Wordpress.org is safe).

    One example popped this week, regarding the themes from http://hirewordpressexperts.com/. They added some hidden code inside their themes to track which sites are using them (and track the users as well).

    However, their tracking server went offline and every site using it got this error on the sidebar.

    My recommendation is to do not use any theme from hirewordpressexperts.com and always double check any theme you decide to use.

    Some discussion here as well about them:
    http://mu.wordpress.org/forums/topic/15407

  2. Thanked by:

    Aziz (1 June, 2010), bogart (1 June, 2010), garfish (1 June, 2010)

  3. #2
    Mike-XS's Avatar
    Mike-XS is offline XeroAgent
    Join Date
    Sep 2009
    Location
    OZ
    Posts
    209
    Thanks
    30
    Thanked 109 Times in 71 Posts
    Even more disturbing is that they use Netbuilders name on their site.

    <title>NetBuilders - We Build The Net | Free Premium Wordpress Auto Install Themes Designer Plugin Development</title>
    Domain Name: HIREWORDPRESSEXPERTS.COM

    Registrant:
    N/A
    Sheela (.sheelaassudani@yahoo.com.)
    3 Tha 4
    Jawahar Nagar
    Jaipur
    Rajasthan,302004
    IN
    Tel. +91.9828535001

    Creation Date: 09-Mar-2009
    Expiration Date: 09-Mar-2011

    Domain servers in listed order:
    ns680.hostgator.com
    ns679.hostgator.com

    Domain name:
    jaipur.me.uk

    Registrant:
    Sheela

    Registrant type:
    Unknown

    Registrant's address:
    Jawahar Nagar
    Jaipur
    Rajasthan
    302004
    India

    Relevant dates:
    Registered on: 01-Nov-2009
    Renewal date: 01-Nov-2011

    Registration status:
    Registered until renewal date.

    Name servers:
    ns679.hostgator.com
    ns680.hostgator.com

  4. #3
    bogart's Avatar
    bogart is offline Super Moderator
    Join Date
    May 2009
    Location
    New York
    Posts
    3,772
    Thanks
    1,886
    Thanked 776 Times in 609 Posts
    Many people are removing the footer links as the GNU General Public License for Wordpress allows. So, the theme makes are getting creative

  5. #4
    TopDogger's Avatar
    TopDogger is online now Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,102
    Thanks
    349
    Thanked 918 Times in 702 Posts
    That's just one of many reasons why I do not use free WordPress themes.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  6. #5
    haynes11 is offline Unknown Net Builder
    Join Date
    Apr 2010
    Posts
    102
    Thanks
    1
    Thanked 3 Times in 3 Posts
    I find this unacceptable, why cant people just respect the authors?
    Insane Posting Competition! WIN 1 YEAR OF FREE CPANEL ADULT ALLOWED WEBHOSTING! >>>>>> Webmaster Forums

  7. #6
    TopDogger's Avatar
    TopDogger is online now Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,102
    Thanks
    349
    Thanked 918 Times in 702 Posts
    @haynes11, read the article. It refers to tracking code built into an encoded footer. That author deserves no respect. Any theme that encodes the footer should be considered to be potentially dangerous.

    Quote Originally Posted by Mike-XS View Post
    Here's a good example of one site who have been caught out distributing WP themes with hidden tracking codes to monitor every person who visits a site using one of their themes. The tracking server went offline and every one using the bugged themes started getting errors on their sites.
    There is no legitimate reason to encode the footers. Anyone with average PHP skills can remove the encoded footer and the GNU allows this. When I see something that is encoded, I assume that they are hiding something, or perhaps there is something potentially harmful to my site's rankings, such as links to spammy or unrelated sites.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  8. #7
    Social-Media is offline Search Marketing Consultant
    Join Date
    Mar 2010
    Posts
    61
    Thanks
    0
    Thanked 23 Times in 21 Posts
    The tracking code could have very well have been embedded in a sidebar, the header, or main body of the page... So removing the footer is not going to prevent such things from happening. You'd have to inspect the PHP code to really know what is going on each time a page is rendered.

    I agree, avoiding "free" themes will prevent a lot of this, but even authors of premium themes "could" be implementing tracking code to look for sites using their themes illegally.

  9. #8
    TopDogger's Avatar
    TopDogger is online now Über Hund
    Join Date
    Jan 2009
    Location
    Hellfire, AZ
    Posts
    3,102
    Thanks
    349
    Thanked 918 Times in 702 Posts
    Exactly. Any WordPress theme that has any encoded scripts should be viewed with suspicion.

    There aren't very many scripts in a theme. It is easy to check each one out.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  10. #9
    hendricius's Avatar
    hendricius is offline The Interwebs are mine!
    Join Date
    Jul 2009
    Location
    Hamburg, Germany
    Posts
    527
    Blog Entries
    1
    Thanks
    21
    Thanked 50 Times in 37 Posts
    Wordpress themes can make your site very easy to hack if you are not careful. I usually use themes designed by well known designers.
    Follow me on Twitter: @hendricius

Similar Threads

  1. Be Careful When Buying Proxy List Coupons
    By Will.Spencer in forum Proxy List Support Forum
    Replies: 5
    Last Post: 12 May, 2010, 11:48 AM
  2. Be careful what you text your friends....
    By m42 in forum General Chat
    Replies: 4
    Last Post: 29 July, 2009, 16:05 PM
  3. Replies: 0
    Last Post: 26 June, 2009, 09:38 AM
  4. WARNING : Be careful who you sell Ad Space to
    By KDisk in forum Monetizing
    Replies: 7
    Last Post: 22 June, 2009, 21:53 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •