Trojan - How to check if a WordPress (free) theme is free of trojan?

by johnzhel Posted: 13 years ago 7 replies

How to check if a WordPress (free) theme or plugin is free of Trojan? People may know everything you do inside your admin area if a free plugin or theme has Trojan scripts in it. How to avoid it?

I bought a pain plugin and received a referred visit from the company who sold this plugin to me, but my site is brand new, even Google has not indexed it. There is no way other people would know my site's domain/url, except certain script in the plugin sent my url to some one... It is not necessary a bad thing, just want to know how to find it out and what it does (if that plugin company didn't click my URL, I won't have known this) ...

#main internet marketing discussion forum #check #free #theme #trojan #wordpress

seasoned 13 years ago

You think you get a theme for free? That's NEAT! A lot of times, at least with templates, you ARE giving something to them. It MIGHT merely be a mention on copyright, etc... Sometimes Affiliate links. Sometimes a banner, and SOMETIMES a back link. In fact there are LOTS of programs/templates/etc... that have back links, and CHARGE you for the mere license to remove them.

So just because the provider seems to magically know about your site does NOT mean there is a trojan. What COULD have happened is that they had a linked graphic on their template. You brought up a page, the graphic was downloaded from their system, and BANG they found you!

As for finding out if it is infected? I BELIEVE these are generally HTML. I may be wrong there. HTML by itself won't be a problem, but they could have javascript, popups, or forms that could trigger an infection. These days, they could EVEN be hidden in flash routines! I would look for the javascript, and popups, and check them out. And Forms should generally have an action from YOUR server. There ARE cases, like if you are using aweber, when they may go there. I haven't really looked at WP, and am speaking GENERALLY about themes and templates here.

Steve
- [1] reply
- Bradley J Anderson 13 years ago
  
  Bingo! Yet another reason you should not play with free themes unless it is from a trusted vendor. If they are giving it away for free, though, you can bet there is a reason. See above post for some possibilities... :rolleyes:
  
  [1] reply
Istvan Horvath 13 years ago

Use free themes from wordpress.org. They check themes for malicious/hidden code...

Join the discussion

Next Topics on Trending Feed

9

Trojan - How to check if a WordPress (free) theme is free of trojan?

johnzhel • 13 years ago • 7 replies

How to check if a WordPress (free) theme or plugin is free of Trojan? People may know everything you do inside your admin area if a free plugin or theme has Trojan scripts in it. How to avoid it? I bought a pain plugin and received a referred visit from the company who sold this plugin to me, but my site is brand new, even Google has not indexed it. There is no way other people would know my site's domain/url, except certain script in the plugin sent my url to some one... It is not necessary a bad thing, just want to know how to find it out and what it does (if that plugin company didn't click my URL, I won't have known this) ...