
If I were you, I wouldn't download from... (8 posts)

  1. mailcatala
    Member
    Posted 4 years ago #

    There seem to be lately some sites that offer 'free' WP themes where some of the code has been obfuscated.

    In some cases, this is to force you to advertise for them at your expense. These are the less worrying of the situations and it can easily be fixed by either decoding the footer.php or erasing its content all at once.

    Some other situations, though, are of much more concern. They implement some sort of validation by using a tracking pixel or by sending information from your server and, in return, they update the links that you show up. Technically speaking, this is called a trojan horse. An example of this would be freewordpressthemes4u dot com.

    Some others create a file called contact.php that, together with some code in functions.php, is used to spam your users. Much in the way that a botnet would do. An example of this would be qualitywordpress dot com and wpthemesfree dot com.

    I encourage all members to post here those sites that are offering themes with obfuscated code.

    PS: When confronted with questions, both sites mentioned above declined to provide an answer after a long e-mail conversation posing as a genuine customer.

  2. ClaytonJames
    Member
    Posted 4 years ago #

    That's a well discussed issue, and you seem pretty much right on point with everything you mention. The fact is, you shouldn't trust 99.9% of the situations that involve obfuscated code in themes. Conversely, theme authors can pretty much do whatever they want with their own creations, short of crossing the line to malicious intent. It amazes me how many people just shrug their shoulders and use them anyhow.

    How to decrypt an encoded theme

    Some prior discussions:

    http://wordpress.org/support/topic/300761?replies=195

    http://wordpress.org/support/topic/263331?replies=79

    http://wordpress.org/search/encoded+themes?forums=1

  3. Ramzii
    Member
    Posted 4 years ago #

    Nice post! Thanks for the heads up. As a new WP user I didn't even know codes could be encrypted.. tell me, how does such code look?

  4. ClaytonJames
    Member
    Posted 4 years ago #

    Here is a page with some basic examples posted in the threads
    http://wordpress.org/support/topic/263331?replies=79

    The links to pastebin may have expired, but there is some code there in the posts that you can see.

  5. Ramzii
    Member
    Posted 4 years ago #

    Superb mate, thanks & cheers from Morocco

  6. mailcatala
    Member
    Posted 4 years ago #

    I believe it's an issue not to discuss but to act upon. Hence why it's good to have a post every now and then to remind people to verify the code before installing anything live on the internet.

    So just let me add wordpressthemebase dot com to the list.

  7. mailcatala
    Member
    Posted 4 years ago #

    Add topwpthemes dot com and wpthemes360 dot com to the list

    I would say that they follow a clear naming convention on the domain name. Plus most if not all of these have decided to hide the registration details of the domain.

  8. Ramzii
    Member
    Posted 4 years ago #

    Ok, so let's remind ourselves why this is a serious issue:

    They [the codes] implement some sort of validation by using a tracking pixel or by sending information from your server and, in return, they update the links that you show up. Technically speaking, this is called a trojan horse.
    Some others create a file called contact.php that, together with some code in functions.php, is used to spam your users. Much in the way that a botnet would do.

    The blacklist so far:

    - freewordpressthemes4u dot com
    - qualitywordpress dot com
    - wpthemesfree dot com
    - wordpressthemebase dot com
    - topwpthemes dot com
    - wpthemes360 dot com
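
The thread's advice to verify theme code before installing, as an added example that is not part of any post: a Python check that walks a downloaded theme and flags PHP files using common obfuscation constructs, plus the contact.php file mentioned above. The function names, the pattern list and the sample theme are assumptions constructed for this example.

```python
import re
import tempfile
from pathlib import Path

# Constructs commonly used to hide PHP code; legitimate themes rarely need them.
SUSPICIOUS_CALLS = re.compile(
    r"\b(eval|base64_decode|gzinflate|gzuncompress|str_rot13|create_function)\s*\(",
    re.IGNORECASE,
)
# A long unbroken base64-looking string literal usually means an encoded payload.
ENCODED_BLOB = re.compile(r"""['"][A-Za-z0-9+/=]{120,}['"]""")


def scan_source(text):
    """Return sorted, de-duplicated findings for one PHP source string."""
    findings = {m.group(1).lower() + "()" for m in SUSPICIOUS_CALLS.finditer(text)}
    if ENCODED_BLOB.search(text):
        findings.add("long encoded string literal")
    return sorted(findings)


def scan_theme(theme_dir):
    """Map each flagged .php file (path relative to the theme) to its findings."""
    root = Path(theme_dir)
    report = {}
    for path in sorted(root.rglob("*.php")):
        findings = scan_source(path.read_text(encoding="utf-8", errors="replace"))
        # The thread names contact.php as a file some of these themes add.
        if path.name.lower() == "contact.php":
            findings.append("contact.php present: review with functions.php")
        if findings:
            report[path.relative_to(root).as_posix()] = findings
    return report


def demo():
    """Scan a constructed two-file theme: one clean file, one encoded footer."""
    blob = "ZWNobyAnZm9vdGVyJzs=" * 8  # constructed harmless filler, 160 chars
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "index.php").write_text("<?php get_header(); ?>\n")
        Path(tmp, "footer.php").write_text(
            "<?php eval(gzinflate(base64_decode('%s'))); ?>\n" % blob
        )
        return scan_theme(tmp)


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, "->", ", ".join(findings))
```

A hit is a prompt to read the file, not proof of malice; a clean result only means none of these particular patterns appeared.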

Topic Closed

This topic has been closed to new replies.
