Archive for December, 2009
Beware Malicious WordPress Themes
by AJ Farro
True story. Even though I make my own WordPress themes, I like finding and downloading free themes with unique or eye-catching layouts. Then when I create a new theme, I look through them to get ideas for colors, fonts, graphics and layout.
Recently I had installed a new WordPress blog and written the first post. I wanted to take a closer look at some of the themes I had collected so I uploaded them to my server and began activating them one after another.
While in the Manage Themes screen, one particular theme’s screen print wasn’t previewing. I’ve come across that behavior several times before, but I’ve never had a problem with any of them not activating. Thinking that perhaps the screenshot.png file was missing, I clicked on it anyway to activate it.
My blog went blank. I was staring at a white screen. The post I had just made wouldn’t come up and neither would the WordPress login screen. I had to log into cPanel to uninstall the blog and then reinstall it. Had this been one of my well-established blogs, I would have been mortified to lose everything.
I immediately deleted the theme from my hard drive and have since emptied my Recycle Bin so it wouldn’t happen again. In hindsight I should have gone back to the website I got it from to report it.
I come away with several tips for those of you who like using free WordPress themes.
- Don’t download any theme unless it’s from a reputable author.
- Always do a database export before activating themes. Here’s how:
  - Log in to your hosting account’s control panel.
  - Go to phpMyAdmin.
  - On the left side of the screen will be your databases, using a naming convention like _wrdpx, with x being a number.
  - To find which database belongs to the blog in question, click on a database to display its tables.
  - Click on the wp_options table.
  - On the right side of the screen, click on the SQL tab.
  - There will be a SQL query already in the window. Leave it as is.
  - Click the ‘Go’ button to execute the query.
  - Under the option_name column you’ll see the siteurl and blogname values.
  - If that’s not it, go to the next database until you find it.
  - Once you find it, back out of the options table and click on the database name. All tables in the database will display on the right side.
  - Then click on the Export tab.
  - The default selections will suffice.
  - Check the ‘Save as file’ checkbox.
  - Click the ‘Go’ button to create the export file.
  - Then, using your FTP client, download your blog’s wp-content/plugins and wp-content/themes folders to your hard drive.
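For hosts that offer shell access, the same pre-activation backup (database export plus the plugins and themes folders) can be scripted. This is an added example, not part of the original post; it assumes `mysqldump` and `tar` are installed, that `DB_HOST` in wp-config.php is a plain host name, and the function names are illustrative.

```sh
#!/bin/sh
# Added example (not from the original post): pre-activation backup of a WordPress site.
# Assumes shell access, mysqldump and tar on the server, and a plain host name in DB_HOST.

# Print the value of one define('NAME', 'value'); constant from wp-config.php.
wp_config_value() {
  sed -n "s/^[[:space:]]*define([[:space:]]*['\"]$2['\"][[:space:]]*,[[:space:]]*['\"]\(.*\)['\"][[:space:]]*)[[:space:]]*;.*/\1/p" "$1" | head -n 1
}

# backup_wordpress WP_ROOT OUT_DIR: dump the blog's database, archive plugins and themes.
backup_wordpress() {
  wp_root=$1
  out_dir=$2
  cfg="$wp_root/wp-config.php"
  [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 1; }

  db_name=$(wp_config_value "$cfg" DB_NAME)
  db_user=$(wp_config_value "$cfg" DB_USER)
  db_pass=$(wp_config_value "$cfg" DB_PASSWORD)
  db_host=$(wp_config_value "$cfg" DB_HOST)
  if [ -z "$db_name" ] || [ -z "$db_user" ]; then
    echo "DB_NAME or DB_USER not found in $cfg" >&2
    return 1
  fi

  umask 077                       # dumps include user password hashes: owner-only files
  mkdir -p "$out_dir" || return 1
  stamp=$(date +%Y%m%d-%H%M%S)

  # Pass credentials through a private option file so the password never
  # appears in the process list.
  cnf=$(mktemp) || return 1
  printf '[client]\nuser="%s"\npassword="%s"\nhost="%s"\n' \
    "$db_user" "$db_pass" "${db_host:-localhost}" > "$cnf"
  if ! mysqldump --defaults-extra-file="$cnf" "$db_name" > "$out_dir/db-$stamp.sql"; then
    rm -f "$cnf"
    echo "mysqldump failed" >&2
    return 1
  fi
  rm -f "$cnf"

  tar -czf "$out_dir/wp-content-$stamp.tar.gz" -C "$wp_root" \
    wp-content/plugins wp-content/themes
}

# Usage: sh wp-backup.sh /path/to/wordpress /path/to/backup-dir
if [ "$#" -eq 2 ]; then
  backup_wordpress "$1" "$2"
fi
```

Keep the backup directory outside the web root so the dump cannot be fetched over HTTP.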
Now you can begin previewing themes. If you run into problems like I did:
- Uninstall WordPress.
- Reinstall WordPress.
- Upload your files.
- Import the export.
Have fun blogging!
Learn to make your own WordPress themes the fun and easy way with theme development software from Artisteer. Artisteer can also make themes for other popular CMS applications.


