There are more than thousand WordPress themes around the Internet. You can find your answer by a simple search query. However, is that kind of free stuffs good and security enough to use? I have read many sources related this problem and in my opinion, the answer depends on your case!
If you can not afford to buy a premium theme, using a free WordPress theme is unavoidable! There are many sources to grab a free coat for your baby. They can be good or bad, nice or ugly in terms of design and style etc… but at first, it seems all bloggers love them and give much of credit. However, STOP! your blog might be stolen! Have you ever thought about this critical problem? Here I want to share you a very wonderful, free and effective solution to avoid the unwanted disaster!
Though WP is secure and reliable, there are many reasons that lead your blog to be stolen. Theme is one of the major ways hacker use to exploit your blog. In addition, some WP theme creators even insert malware or malicious injection code.
1. Antivirus for WordPress
As a regular blogger, we can not check the theme manually, so in this case AntiVirus for WordPress plugin is a smart and effective way for you.
Here are the main features:
- WordPress 3.x ready: Design as well as technical
- Detect the current WordPress permalink back door
- Quick & Dirty: activate, check, done!
- Manual testing with immediate result of the infected files
- Daily automatic check with email notification
- Whitelist: Mark the suspicion as “No virus”
- Clean up after uninstall the plugin
- English, German, Italian, Persian, Russian
Using this plugin is very simple. All you need is download it (here), upload via FTP or your Dashboard, then Activate it and start to scan your WP. The scan task time span is only few minutes and the result will show about your blog. Here is a screen shot.
Then hit the Scan the them templates now.
Here is the result. My Premium WordPress Theme (I am using Thesis) is safe, of course!
If there is any problem, your will be noticed and then, the next step is remove it from your server and install a new trusted one.
Small tip 1: You should download and install free WordPress theme from reliable source. I recommend you to find a suitable WP theme on wordpress.org.
Small tip 2: Do not hesitate any more. Purchase a premium WP theme such as Thesis them, Genesis them or Theme-Junike. They are cheap but offer you lots of feature and various supports and most important SECURE!
2. TAC (Theme Authenticity Checker)
TAC stands for Theme Authenticity Checker is very renowned plugin in security category. Its task is very simple: scan your WP theme and make sure your theme does not have any malicious code. As TAC creators introduced: free WordPress themes sometimes have been inserted malicious code and average end users need a smart by easy to use solution to analyze what are happening with their WP theme.
After installing this plugin, visit Appearance setting section. Click on TAC as the image below:
If the WordPress has malicious code, there will be a notification like the image below: (I have checked on another blog and amazingly, almost free WP themes have malicious code). In total 17 free WP themes, there are only 5 themes are free of malicious code, meaning 12 free WP themes have–>70%. BE CAREFUL!
Small tip 3: After using the two plugin I mention in this article, you can inactivate it or even uninstall it to make your blog runs as regular.
Small tip 4: In case you are using a “free” premium WP theme which you download on the Internet or receive it from free, take care your blog with the plugins.