It’s difficult to get suitable themes for Blogger blogs. But WordPress themes are easy to get. There are hundreds of websites which provide tons of WP themes and plugins at free of charge.
Then, naturally one question rises. What’s the benefit for the developers of such free themes or why they are providing it without charging any price?
In most of the cases, they just need backlink from your blog or will be benefited from advertisement links preloaded with your theme code. They may have a premium version of the same theme and using the free version just for promotional purpose.
But in some cases, free themes may contain malicious codes which are difficult to find out. It may be deliberately developed by the cyber criminals to get access to others’ sites or they may have inserted some hacking script into others’ themes and giving you as their own.
By going to Virustotal.com, you can easily check whether your theme contains any malicious code or not. There are two options:
- Upload and scan the files in zip format. It will show the results within a couple of seconds.
- Scan your website with various antivirus programs. You can do it online by typing URL of the site.
There are some plugins that let you to scan theme as well as plugin files for malicious codes. They will scan files at scheduled intervals and alert you if any suspected code found. Some of them are here. They are not listed in any order.
1) WP Optimix
This is a premium security plugin with added features of Brute force attack detection, Intrusion detection, limited login attempts and automated cloud backup.
2) Theme Authenticity Checker(TAC)
It searches the source files of every installed theme. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code.
3) WordPress File Monitor Plus
It monitors for any modified files in the system and will alert you via admin panel and by email. This plugin is capable to support multisite.
It will protect your blog against malware and spam injections through theme/plugin files. This is one of the best WordPress plugins to find out hacking code.
5) iThemes Security
It will help you to fix plugin vulnerabilities and obsolete software issues. It can prevent brute force attacks and ban troublesome user agents, bots etc.
6) Exploit Scanner
This plugin is very useful for advanced users. It searched files on the website for suspicious code and will be able to find out encrypted codes which is hidden by CSS.
7) Acunetix WP Security
This’s very effective security tool capable to change the appearance of user panel of non admins. It can change file permissions, analyze live traffic- all with one click.
8) Bulletproof Security
It is one of the essential plugins to enhance your blog security. It has several advanced features- login security and monitoring, brute force security detection, maintenance mode, optimized performance etc.
In addition to all these, you can ask directly to Google about the security status of the site.