Around three months ago, I posted a warning to WordPress and Joomla users about downloading themes from TemplateBrowser.com which contained hidden spam and malware links. What they did was collect public themes for WordPress and Joomla, modify it and redistribute it on their site. Well it seems that they’re not the only ones doing it because just recently another site was discovered to distributing modified WordPress.
The culprit this time is Blogstheme.com, which is a site that supposedly offers free downloads of “premium” WordPress themes. What most users don’t know is that the guys at Blogstheme.com have already modified the footer.php file of each theme. They’ve edited the WordPress link and instead of it linking back to WordPress.org, it links back to their site blogstheme.com.
I’m not giving them any link love but if you wanna check them out you’ll see that they’ve done a good job of collecting attractive and well-designed WordPress themes. One thing that I immediately noticed in their site was their tag line – Get premium WordPress themes for FREE! It’s their style of tricking new WordPress users into downloading themes from their site. But if you know your stuff, you’ll know that it’s silly because all those themes that they have in their site are offered for free by the theme authors themselves.
I’m sure this won’t be the last time we’ll hear of something like this and I’m sure there are also other sites doing the same thing. The next time you want to download a public WordPress theme, make sure you download it from a reliable source like the theme author’s website, the theme’s own download page or from Themes Viewer. If you wanna play safe, NEVER download a WordPress theme from third party site. Better safe than sorry!
Where do you download WordPress themes? Have you or anyone you know downloaded/used a theme from Blogstheme.com? Did you have any experience downloading and using a modified WordPress theme containing spam links? What safety measures do you take when downloading/using a WordPress theme? Share your thoughts!
@gamzter – Oh okay. What’s important is you learned from that experience. Next time, make sure you only download WordPress themes from reliable sites/sources. :)
ay hindi po galing sa mga sites na yan..nakalimutan ko kung san ko nakuha…
@gamzter – Really? Where did you get the WordPress theme from? Was it also from the sites I mentioned in the post? Yes, its always good to check WordPress themes before you install them and also to only download from reputable and reliable sites.
If the user doesn’t know HTML or CSS, they can ask help from their friends or from other bloggers like me. :)
i experience already this kind of hacking…usually they put it in the footer.php…so a good advice is check your footer or to be safe check all your .php and see if there’s any malicious codes…and if you don’t know how to read html…better not download themes…^^
@Mikko – Yeah it is if you have the skills. Hehe These days there are a lot of good WordPress themes that you can download for free. If you want to make it different, you can modify it and customize it. :)
Making your own template is still the best option. Hahaha. ;D
@Dre – Good for you! I wish I had the same skills to create my own custom WordPress theme. Hehe :D
It’s a good thing that I know how to do my themes. But before, I just download from http://themes.wordpress.net/
@Pinoy Rick Jerk – Thanks! True, like I mentioned earlier the reason I posted about this is to help spread the word and awareness to WordPress users about malicious sites like these and to remind/teach them safety measures on downloading/using themes.
Thanks for dropping by! :)
Its nice you have posted these warnings. Really lots of new WordPress users don’t know these exploitations that are happening. Your site can be compromise by these malicious codes inserted on certain WordPress themes.
Make Money Online – http://pinoyrichjerk.com
@Euri – That’s a very good practice. I hope that by posting about this, WordPress users especially the newbies would be made aware of this and be careful when downloading or using public themes. :)
I haven’t downloaded a theme from that certain website. Whenever I use a pre-made theme, I usually go to http://themes.wordpress.net to get the theme’s author and download the theme directly from their site. That way, I’ll get the latest version of that theme.