Results 1 to 9 of 9

Thread: How to check WP themes for malicious codes?

Hybrid View

  1. #1
    Join Date
    Mar 2009
    Location
    If I tell you, I would have to kill you.
    Posts
    614

    How to check WP themes for malicious codes?

    Is there any tool or method that will help non-coders like me to find possible malicious codes in WP themes found in WP themes??

    PS: I am not talking about encrypted codes in footer.

  2. #2
    Join Date
    Jan 2009
    Location
    Philadelphia, Pennsylvania
    Posts
    1,797
    This will scan your template files:
    http://wpantivirus.com/

    And this is another good plugin to have, since it checks your whole installation:
    WP Security Scan | WordPress Developer

    I recommend using both of them together.

  3. when can we consider that a site might have malicious codes?


  4. #4
    Join Date
    Apr 2010
    Location
    india
    Posts
    338
    Quote Originally Posted by whatthehell View Post
    when can we consider that a site might have malicious codes?

    one sure shot indication is if firefox or google marks it bad but then its after 1-2 days of actuall infection

  5. #5
    Well if you put in the template before and then try the the code you are already letting the hackers in. I installed the anti virus it looked like it was ok.

  6. #6
    Apart from the plugins which Kovich suggested, you can also use Google's Webmaster tools to check for malware in your files.
    Its located at Webmaster Tools/Diagnostics/Malware.

  7. Heh I only once considered a PHP virus I was wondering how it would be possible to inject a PHP script into SMF that would delete the entire forum,but because of lack of knowledge i never did anything about it.Interesting idea for a virus in a Wordpress theme.

  8. #8
    Join Date
    Apr 2010
    Location
    india
    Posts
    338
    idea is not new its very old


    if your web master is fool enough to let you upload any script.

    any person can screw the whole service.

  9. Quote Originally Posted by anantshri View Post
    idea is not new its very old


    if your web master is fool enough to let you upload any script.

    any person can screw the whole service.
    Well the art is to inject the script somehow...or with use of social-engineering trick the person to install the script

Similar Threads

  1. Name.com Promo Codes
    By Oranges in forum Domaining
    Replies: 36
    Last Post: 13 August, 2011, 11:13 AM
  2. [Free] Quality FREE Wordpress Themes - Themes Zoo
    By themeszoo in forum Themes
    Replies: 143
    Last Post: 21 May, 2011, 15:42 PM
  3. Cheat Codes
    By Coelho in forum General Chat
    Replies: 5
    Last Post: 30 June, 2010, 20:05 PM
  4. Replies: 1
    Last Post: 8 April, 2010, 14:13 PM
  5. [Free] Free Download Wordpress Themes by Themes Warehouse (UPDATED)
    By themeswarehouse in forum Themes
    Replies: 1
    Last Post: 17 March, 2010, 10:36 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •