339: WordPress Theme Authenticity Checker
When working on your WordPress site, you will discover there are many many themes available. WordPress has a nice stack available from within the admin interface itself, but you will soon discover that there are thousands of free themes are all over the web spread across hundreds of sites.
These sites, while having free content, can also be the culprit in placing unwanted or malicious links on your site. Luckily, there is a plugin that will scan any them you upload and tell you whether it has malicous code or hidden links in it. This is known as the Theme Authenticity Checker. Follow along below as we show you how it works.
Using the Theme Authenticity Checker in WordPress
- Logging into your WordPress Dashboard.
- Install the plugin named Theme Authenticity Checker.
- Once it is installed, you may go out to the web to find a free theme to download and install.
- Once you have located and downloaded a theme, upload it to your WordPress site.
- Next, go to Appearance and then find TAC. Click that to run the Theme Authenticity Checker.
- The Theme Authenticity Checker (TAC) will scan all themes on the site and give a quick review on what it finds. In our sample, you can see that it found encrypted code in one of the themes. Generally, you will want to delete themes that show up with encrypted code or links that the checker beleive to be bad. In this specific case, however, the encrypted code was simply due to the creator encrypting their theme template for security. No malicious code was found, but it did have a couple of additional links added to the footer for sponsor websites.
Themes that come directly from WordPress are always fine and pass the check, so use the Theme Authenticity Checker plugin to check any plugins you find off of the web. This can help minorly with your website security by preventing malicious code and in inadvertently giving backlinks to unauthorized sponsors.
Thank you for your feedback!