Thread: How to check WP themes for malicious codes?

Is there any tool or method that will help non-coders like me to find possible malicious codes in WP themes found in WP themes??

PS: I am not talking about encrypted codes in footer.

This will scan your template files:
http://wpantivirus.com/

And this is another good plugin to have, since it checks your whole installation:
WP Security Scan | WordPress Developer

I recommend using both of them together.

when can we consider that a site might have malicious codes?

Originally Posted by whatthehell

when can we consider that a site might have malicious codes?

one sure shot indication is if firefox or google marks it bad but then its after 1-2 days of actuall infection

Well if you put in the template before and then try the the code you are already letting the hackers in. I installed the anti virus it looked like it was ok.

Apart from the plugins which Kovich suggested, you can also use Google's Webmaster tools to check for malware in your files.
Its located at Webmaster Tools/Diagnostics/Malware.

Heh I only once considered a PHP virus I was wondering how it would be possible to inject a PHP script into SMF that would delete the entire forum,but because of lack of knowledge i never did anything about it.Interesting idea for a virus in a Wordpress theme.

idea is not new its very old


if your web master is fool enough to let you upload any script.

any person can screw the whole service.

Originally Posted by anantshri

idea is not new its very old


if your web master is fool enough to let you upload any script.

any person can screw the whole service.

Well the art is to inject the script somehow...or with use of social-engineering trick the person to install the script