I just came across this excellent WordPress plugin, and thought I would share it with all of you. It’s called the Theme Authenticity Checker, or TAC for short. What this plugin does is scan for encrypted code and other suspicious looking material within a theme. If you have a theme with base64 encoding, for example, it will let you know which file in the theme contains the code. It will also list any external links within a theme and separate them by file.
Once you’ve downloaded and installed the plugin, a new page in your Design menu will appear called “TAC.” I tested this plugin on the demo server, and let me tell you – this plugin loads surprisingly fast, even with all of the themes hosted on it. In case you were wondering, all the WordPress themes here got a big green Theme Ok! message.
Comments Leave a Reply
[…] vulnerable to spam attacks. I wrote about the WordPress Theme Authenticity Checker a while back here and is a great tool to check if the theme you downloaded contains any encrypted code without having […]
if you trust the corecode u should trust the theme to…
Where’s the logic in that? That’s the same as saying if you trust an operating system you should trust any program available for it.
A user like me.
Glad that I never encounter any malicious code etc.
Like Peter said, there are a few theme sites which bundle malicious code in “encrypted” form. Although some encrypted code is harmless (just protecting links), the truth is a lot of users don’t know what this is or how it can potentially harm (if malicious) their blogs.
Well, people don’t just use it for “protecting” links in templates. It’s ethical to encrypt code for good intentions such as encypting designer links in the footer, but, it’s unethical when people encypt harmful material into themes.
So far, I never find such theme that using any encrypted code.
Beside, most of theme is from trusted designer like themelab, and Justin Tadlock.
Ah, I see.
So using an encrypted code such as
is unethical to put our credit in the theme that we make?
But I though that this will help people not to modify it.
Still in confusing.
So if the plugin found the encrypted code, so what?
That’s what I’m trying to ask.
What’s the benefits.
Ah, from what I know, base64 encoding changes normal readable text into a string of characters which are not readable without using a decoder.
Template creators occasionally use base64 to try and limit the amount of links being removed from templates.
E.G. in the footer, instead of the footer being something like
“Theme by Ceneb and Theme Lab”
it would say:
Until you use a decoder:
Yeah, I’ve read it twice to make myself clear.
Don’t know what is base64 emcoding, etc…
I wonder what’s the benefits of having that plug in for user or developer?
What’s the “Theme OK!” means?
Pangeran, I’m not too sure if you read the post Leland wrote, fully, but I seemed to get a good idea from:
“What this plugin does is scan for encrypted code and other suspicious looking material within a theme. If you have a theme with base64 encoding, for example, it will let you know which file in the theme contains the code. It will also list any external links within a theme and separate them by file.”