This forum has a lot of WordPress newbies, so I thought would be a good idea to talk bit about website security with WordPress. While WordPress is a great platform and very safe in it's basic form, as with anything else regarding computers, you have to practice certain safety measures.
While checking out some free WordPress themes lately and ran across one theme with the entire footer code hidden in a mysterious code. Actually, I've seen this type of code before and I believe it's called "base64" code. That's not something you need to remember, but what is important is that your WordPress theme should not contain any secret codes like this. If it does, there's a good chance it's malicious and at the least can harbor issues like hidden broken links that can hinder your search ranking.
Malicious hidden codes can also occur inside plugins, too. You want to be very careful of any plugin that doesn't come from WordPress.org, and even then, exercise caution.
There are a couple of special plugins designed to detect malicious code in an existing WP install and I suggest running them both. It's best to install it fresh every time you run one:
Excellent advice. I've found some of these free themes are also "link stuffed" in the footer so you have to be very careful about that too. Sadly, free isn't always -- well, free.
Yes, Denise, they seem to overdo it sometimes. I suppose it's fair enough to include a link to the designer's site, but 5 or 6 links is going a bit far. And burying them in secret code with God knows what else is unacceptable.
Hidden Code in Free WordPress Themes
Reply With Quote
Bookmarks