There are over 1,400 themes available at the WordPress Theme Directory. There are a lot more elsewhere online. Although Leland of Themelab blogs Stop Downloading WordPress Themes from Shady Sites, the point really should be: be cautious when downloading any themes ANYWHERE.
Some of the things to look for:
– Encrypted code
– Inability to edit layout to fit your own means
– Link spam that have nothing to do with your site or may be linked inappropriate websites in the footer
– Malicious code that could open your server to attacks or your own computer to viruses
“Free” is without expecting anything in return. It is great to leave a link from the original theme creator on your site so your visitors will be able to use the free theme too . However, it is a nuisance to have all the other frills, and not-so-frills. It might be difficult to accept that you could either pay for a safe theme or download a free one from a trusted source, but it is important for your internet safety and the safety of your readers. It also alleviates future problems if the layout no longer functions due to WordPress upgrades and code changes that might break or make older themes buggy. Having to hurry and fix a theme issue is not fun, and if you have a free theme from a untrustworthy site, you will be scurrying to get a new theme up.
As a note: As for malicious code, if you are a shared hosting client, you might have to hope your web host is forgiving as they will have to fix the mess in case you have been hacked. Most web hosts have in their usage policy that it is your responsibility to keep software update and avoid using questionable programs, and that even includes your themes. You could risk being terminated and no refund of your money.
Although not everyone has their free themes uploaded to the WordPress theme directory, if you have found a theme you like, go to the WordPress support forums or ask anyone in the WordPress community if a certain place can be trusted and can vouch for it. Like visiting any site, if you cannot trust it, why download?
Are there any sites that people should avoid?
Exactly, i needs to be really careful about free stuffs. Many themes/templates of WordPress and blogger have hidden code which generally serves them as backlinks or for spying keywords.
I do not use free themes nowadays but any ways thanks for the heads up. I think it is essential for bloggers to understand the risks of free theme. Although yes, there are few free theme providers who do provide totally clean themes but there a lot of free theme creators who just add malicious and encrypted code just for their own benefit. And there are some free themes where everything is encrypted and when we try to edit anything the whole theme stops working.
As for me i have stopped downloading those free wordpress themes.i discover that cause a lot of problem sooner or later to one’s blog which may be the difficult to fix in the long run.
It is advisable one buy quality wordpress themes
I never really thought about the safety of FREE themes, particularly the ones that are downloaded from WordPress directly. Thanks for sharing this information.
I try to avoid free themes, although I can see how someone starting out would easily get caught out. I agree with checking on the WP help forums; those guys have kept me right a number of times.
I have to admit, this one caught me unawares. I personally do not change my WP theme, but know of some who change them almost weekly. Certainly I’ll be steering them here.
Excellent advice, Nile, and a wonderful blog. You are to be commended!
I just launched a word press blog and wasn’t really considering the virus and link issues which you mentioned. I appreciate the timely reminders!
I never really thought of any problems with using free themes. I use a free wordpress theme thats been converted to blogger for my own website. Is there anyway to spot malicious code before applying a theme?
Not all of them are bad, but you have to be careful with the other sites because they may contain viruses that you wouldn’t like to download along with the WP theme.
I have used several free WP themes for my WP blogs but never ever thought about these threats. Thank you very much for these precautions. This will help us a lot in near future.
From what I understand the themes from the wordpress directory are good. It is the ones you get from else where that you have to check.
Also, just for a bit of extra info, if you can find the premium themes listed on wordpresses directory under GPL you have every right to use them for free. I have quite a collection now and really enjoy the extra features.
I never knew these things also this much affective.. i must rethink about this …
Thanks for the post man
thnx for this article but i have never seen any problem while using free wordpress theme or downloading it
Thx for the article. I didn’t know that kind of things existed. I have a wordpress blog and I use a free theme. But How can I know if it’s a bad one or not ?
Yes free theme hurts a lot in terms of malicious script or penalized by search engine.
This is a HUGE issue of late. Its been a bit of an issue for a long while but I’d say it’s really spiked in the last year compared to the prior year. I had to re-think how I introduce new blog owners to finding themes. What’s scary is that some of the premium sites (not recognizeable names) are also guilty of this. People tend to believe if they paid for it it’s safe, and that isn’t a bulletproof argument. Dealing only with proven theme vendors is the best shot for premium and dealing only with the wordpress repository is the safest way to stay clean when it comes to themes. That’s not to say that there are not awesome free themes that are NOT in the directory but that there is more work involved to ensure its safe. Glad you shared this primer!
Kim
Can You comment at all on some of the purchasing sites such as themeforest and others? Are you generally safe if you are paying for it from a reputable site? Do those developers have to adhere to certain rules? What are the most reputable sites?
This is a useful plugin that looks for exploits in themes as you mentioned in this post:
http://wordpress.org/extend/plugins/tac/
Hello Nile,
Wow! Thanks for the heads up! As I read the comments here as well I can see that not too many people use the free themes now a day. But I’m sure that like Kim is saying it would be a problem when teaching people who want a free blog how to go about that. There has to be a way to do that. I’d like to know so I can refer someone who is in search of such service. Have a great Thanksgiving Nile ๐
So I had no idea you could buy themes. I thought you could only get them from WordPress. I was wondering if there was a way to get the links at the footer off of the site but couldn’t find a way, but I guess I could just buy the theme.
My question is does it hurt your site search rankings to have an outgoing link on your site?
Thank you Nile,
I think I will start looking and getting ideas of what themes will work for me in the future and then purchase one.
It is a work in progress. So many things to learn about wordpress, but also so many neat options to look forward to.
I support you 110%. I stopped using free themes when I took a look at where the footer links were linking too and although you wouldn’t notice by the keywords and the domain they were using, triple x content was waiting for you at the destination.
I remember saying to myself, you get what you pay for. And since I was on the fence for buying a premium theme, I just went ahead and did it and never used a free theme again.
I regularly visit WordPress blogs since its so user friendly. Being so impressed by the themes I’ve also been trying to know more about the themes and even download some. I noticed that free themes are good for experimenting only. When it comes to serious blogging fishing out extra on the themes is wiser.
Nile, many thanks for your feed back when I started using wordpress I used Free themes and had some bad experiences. But now I use profits theme and delighted to say no problems. Take care Rosemary
It is indeed true…there are free themes that have codes embedded on script that may cause harm to your blog or site.. Thanks for this heads up Nile..
Thanks
Once you have a trusted theme and you know it works for you don’t change it! I went through a lot of trying and failing with that at first. you are right about the links to sites you don’t want, I did have one like that and took it down. You should not only trust it, but be able to contact the creators if there are issues!
After I download a theme I always look for strange encrypted or hidden code. There are a lot of them out there that have something like this. I even saw a few of them that came with adsense ad code already coded into the theme. Meaning someone else could be earning from it. There are a lot of sneaky tactics and things in themes. Of course they are not all like that.
I think it is essential for bloggers to understand the risks of free theme. Although yes, there are few free theme providers who do provide totally clean themes but there a lot of free theme creators who just add malicious and encrypted code just for their own benefit
Free theme creators do it for the money so its actually quite reasonable to expect that they would and do embed links into the their themes as a way of making money. I have sponsored several themes over the years. All the creators were very honest and distributed their themes in very ethical ways.
Simply discounting these wonderful themes because the creators used methods to actually profit from their hard work is a mistake. Check them out, you will be surprised how well some of them work.
As for malicious coding, unless you are a coder you will have no way of finding out what may or may not be in your theme. Paid or free the risk is still the same. Just because a premium theme creator says a theme is safe doesn’t make it so.
That may be true, but over the years there are a lot of themes out there that are not as honest about their coding methods. I have seen a lot of poor coding on some of the profit themes, especially in still using Kubrick as its basis, a theme that was the WordPress default in 2005 and is no longer a perfect example of clean and responsive code.
This article is for the FREE themes, not the premium ones out there. Just in case, your theme has to be 100% GPL to be able to be shared in the WordPress theme repository and should not require a the user to leave the link in. However, as a WordPress theme and plugin designer/ developer, I will let you know, it is great if the link remains on the site and there are many open to that since they are really using the theme for free.
I will be covering on another article on how non-coders can skim their theme files to pinpoint malicious code in a theme before even deciding to use them.
ha.. I never thought about that, I always do downloads free wordpress themes, I think I better start deactivating it… thnx for the post it really wake me up… ๐
Hey Nile,
I am always skeptical of free things. First there is always something behind it and second you cannot hold anyone accountable if something does goes wrong. I have not had problems wiyh my sites, but you have got me thinking how much could go wrong, thanks. TTYL
Hi Nile,
On one hand we are greatful that there are these free themes which can be used particularly for newbie network marketers starting on tight buget. However the problem of contemplating if I save on the themes I risk having viruses attacking my hard worked on website.
Hi Niles,
This might be a reality shock for some bloggers trying to get set up in a hurry, but I agree that it is better to be safe than sorry.
If its free and buggy who is going to be responsible for sorting that one out. Yes sometimes if your lucky you will a good one, but is it a risk worth taking? I am not sure it is.
A wake up call for some people. Thanks for sharing,
Beth ๐
It is better avoid using WordPress theme which has encrypted code.
Nice post. Thanks for tips.
Yeah i agree with Swamykant .. Avoid using Word press theme which has ebcrypted code .,
As well as themes which has Inability to edit layout !
I am using free wordpress theme on my site but before doing so I make sure that there are few links on the footer like may 1 or 2. If the link listed is more than that I won’t be using it as it may have bad effect on my site.