There are thousands of WordPress plugins and themes out there including WP official repository. You may trust some but shouldn’t put your faith on all. Especially if you are using some nulled themes/plugins or something from unknown, untrusted source, you are definitely at risk then.
A good number of themes/plugins add malicious code to your site in absence of your understanding what can really damage your SEO rank, google indexing, even break your site. First, you should know what are the motives for pushing these suspicious codes.
- To get access to your blog/site
- To redirect your URL to some spam links
- To get backlinks from your blog
- To add their advertisements and banners
- To block some of your features
- To get your website down
The good thing is there are some cures for everything.
Theme Authenticity Checker (TAC)
TAC is a free plugin that searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. TAC also searches for and displays static links. It’s highly recommended to find anything malicious from the themes in your repository.
Upon activation go to Dashboard >> Appearance >> TAC where you can see the list of themes installed with their authenticity result. It will give a warning if any encrypted links are found in any theme.
Wordfence Security – Firewall & Malware Scan
Wordfence is not only for scanning malicious scripts from plugins/themes. It can do a lot more. With 2+ million active installations it’s the most popular WordPress firewall & security scanner. To ensure security it’s really a good solution.
Plugin Security Scanner
To ensure your plugins or themes are not causing any harm Plugin Security Scanner by Glen Scott is a good option. It does this by looking up details in the WPScan Vulnerability Database. It adds a new menu option to the admin tools menu called Plugin Security Scanner. Clicking this runs a scan. If the scan finds any problems, it shows you a list of plugins or themes that have vulnerabilities, along with a description of the issue.
It’s an out-of-box solution, not a plugin like the others. VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
Latest posts by Editor (see all)
- Earn Money Selling Your Photos at Shutterstock - December 19, 2018
- Prevent Risks and Malicious Codes from WordPress Themes and Plugins - December 17, 2018
- Download WordPress Premium Themes/Plugins for Free! - December 16, 2018