Comments on: Stop Downloading WordPress Themes from Shady Sites

By: Mohit Kukreja

Mohit Kukreja — Thu, 09 Jun 2011 15:30:46 +0000

Yes this is very true. I also had some bad experiences. Thanks Theme Lab for bringing such posts in notice. Great job!!!

By: Ristoz

Ristoz — Sun, 06 Mar 2011 22:27:27 +0000

There are ways to reverse encrypted the code. They use base64 to encrypt. All you have to do is find and use one of the many free base64 decoders (search Google). Look for a decoder that explains where the code starts and ends otherwise it might not work. A friend of mine who doesn’t know any web design had downloaded a free theme that had the code. We successfully decoded the encryption, removed the hack link, and restored the footer.

With that said, I agree that that the whole thing is shady. Personally, I prefer to contribute to the theme authors.

By: somebody

somebody — Wed, 15 Dec 2010 11:16:11 +0000

Just want to let people know that worst than some backlinks to websites (be it spam sites or the developers site) shady websites may HAVE VIRUS (technically it’s a worm) installed in them, and sometimes IT`S NOT ENCODED and you may mistake it for genuine code.

One of my colleagues at work installed such a theme and I’m trying to fix things out now.

It didn’t happen, but anybody could have logged in as admin to my site and delete all my content.

By: karen C.

karen C. — Wed, 08 Dec 2010 13:06:51 +0000

Thank you for the warning, I will be more careful when searching, and downloading. I found this to be very helpful.

Sincerely,

Karen C.

By: Chris

Chris — Sun, 10 Oct 2010 15:57:20 +0000

I have come across a few sites like you speak of. I am sure you have all heard of Woo Themes right? Well.. I contacted them, to let them know of 1 site specifically that was giving their paid theme’s away for free.

They responded, said thanks, but there was nothing they could actually do legally, mainly because of the type of licensing. After someone buys the theme from them, they are free to do with it whatever they want. Even if that means putting a encrypted file in the footer, and giving it away for free.

By: Yogi - ThemeWarrior

Yogi - ThemeWarrior — Sun, 10 Oct 2010 15:30:05 +0000

I found a site several days go that was listing our free theme but to my surprise they add encrypted links on our theme’s the footer. Is there a way to prevent those sites not appearing on search engines? Maybe like reporting the site to Google (dunno if this kind of service is available) so it will be flag as some sort of ‘Reported Attack Site’.

By: Blaise

Blaise — Sat, 28 Aug 2010 07:22:13 +0000

This is a really useful post. I hadn’t previously been aware of this issue and I’ll definitely be more careful about selecting themes.

By: Michelle

Michelle — Sun, 15 Aug 2010 17:19:01 +0000

I only recently came across this phenomenon, I’d heard of it but never really seen it until a client hired me to fix various issues on his site that was using one of these themes.

Unfortunately my advice to switch is so far going unheeded.

Useful post, and I hope it makes some people think twice.

By: AJ

AJ — Sun, 25 Jul 2010 03:22:53 +0000

People that add encrypted footers on their themes piss me off. Especially since WordPress Themes are GPL and encrypting WordPress code such as “the_footer” is a violation of the license. Honestly, if you theme is awesome enough people will not remove the link and even more people will link to you.

By: Lori

Lori — Sat, 10 Jul 2010 21:47:34 +0000

Wow, I’m glad I stumbled on this post. I’m currently searching for a new site theme and had no idea this happened. I may or may not have found the encryption once I looked at the files but even if I did I’m not sure I would know it was something potentially dangerous. Thanks!