Everyday, a lot of WordPress themes are created and introduced into the market. Some are free, some are for a fee, while others are free copies of premium themes.
Most beginner WP users are not really familiar with the various codes and scripts used in WordPress – the reason why they become victims of hijacked and repackaged WP themes.
As the popular adage goes “there’s no such thing as a free lunch.” Snagging a premium theme for free (when it’s supposed to be a paid theme) might mean that your freebie theme is already injected with spam and malware links. This is how unscrupulous individuals gain from you for giving you a freebie.
Theme Authenticity Checker
There’s a WordPress plug-in called “Theme Authenticity Checker” or TAC that scans all of your theme files for potentially malicious or unwanted code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3 TAC also searches for and displays static links.
The Theme Authenticity Checker is easy to install. Here’s how to install this WP plug-in:
- In your WP Dashboard, go to Plugins then click Add New.
- Search for Theme Authenticity Checker then click Install Now (or you can click Details first if you want to find our more about it).
- Activate the plugin through the ‘Plugins’ menu in WordPress
- Look for the TAC link in your WordPress Dashboard
- The results of the scan will be displayed for each theme with the filename and line number of any threats.
If you find something, contact the theme’s original author to double check if that section of code is supposed to be in the theme in the first place – chances are it shouldn’t as there isn’t a logical reason have obfuscated code in a theme.
If something is malicious or simply unwanted, TAC tells you what file to edit, you can even just click on the file path to be taken straight to the WordPress Theme Editor.
What a great plug-in for WordPress, right?
Wow, thanks big time She, i’ll sure try this plug-in in my wordpress blog. i think i am a victim. Lately kasi my WP blog is acting up and I got my WP theme for free lang. Thanks again!
I’ve recently started a blog, the information you provide on this site has helped me tremendously. Thank you for all of your time & work.
TAC could not find any malicious code in Tincredible theme, but there are many encrypted codes in that theme. I think TAC is a useless plugin.
Sana maalala ko to try this out. Thanks for the tip! 🙂 And this new blog is looking good.
thanks a lot ver. i’m glad for that remark because i tweaked this site myself. 🙂
Hello She, I am back here. I thank you for this post coz I learned about TAC. I tried it and that theme i used in WP before has a lot of malicious codes. I decided to change it na and now got this WP theme from WP lang din but customizable nman. Still learning in WP pa..so thanks talaga.