If you are using a free wordpress theme, make sure that the footer does not contain hidden code. I’ll show you how to find and unhide that hidden code below, something that many people starting out with WordPress miss. Such a mistake can have you linking to bad link partners which can cause your site to never rank well with the search engines.
You are who you hang around with, at least that is the way it is on the internet. If your site is on Green Tea and you keep linking to mountain dew, then your site is considered to be about dew, not tea to most search engines.
If you have a site that links to websites considered bad by search engines, you will be penalized and may not recover for years – at that point, you might as well start another site.
So what does this have to do with hidden code inside wordpress themes? The hidden code can contain links to inappropriate sites or worse, code that fetches links from a main server that are then placed on you site without your knowledge!
So, what do you look for when evaluating a wordpress theme? Start with the footer.php file and look for code like this:
<?php eval(gzinflate(base64_decode(’rZFNT8MwDIbP66+wcmCbBM3YBYml2QG4I4a
049Ru7oeUJlGc0u3f06wbaB2ICzk4ih0/r/NmKSOxqz5gq1KihOXGeHTsp+TG730oZA647
GMEIKycbKcwn80eQCxtaSFTpqh0biZjndY4ni5gKeNoNLrRGdnFRcwapRbX+e6ySKF0mCd
syHRE803jVM9l8kV7VyHB5G21mgqeyn9T2pq6Ru1pM5R8OhW+NQW3wYvLFQneefibk/f
ByrN06b195Ny6Svt4ryl2DZNrzOAZqSp0kIDsAFcSQ8C5td9D2y2QNZqMw10g3P3NOA5B/q
CwQ3AmX7/O/RjONEXpe9iwt23buLW+xBopd4hx5yFn4CuvMGFr43bWIRG8H290Txxkgk
J88u34HRF8Ag==’)));?>
Looks odd, doesn’t it? If not, then you need to step away from the computer right now
If you take this code, replace eval with print and place it in a file on your server called testme.php, you will see the hidden code. After you have created the file, access it by typing your websiteaddress/testme.php and then choose view source from your browser. Behold, the hidden code revealed. In the example above, the hidden code equates to something like this:
?>
<div class=”footer”>
<div class=”footer_txt”>
<br /><br />
<p>(c) 2007 <?php bloginfo(’name’); ?>.
<a href=”<?php bloginfo(’rss2_url’); ?>”>Entries (RSS)</a>.
<a href=”<?php bloginfo(’comments_rss2_url’); ?>”>Comments (RSS)</a></p>
</div>
<div class=”footer_txt1?>
<a href=”http://badsite. com”>Inappropriate Text</a> by Bad Site</a>.
</div><?php>
So next time you decide to use a free wordpress theme, make sure you check the theme files BEFORE you place it on your site! If there is encrypted code and it’s released under the GPL License (most are), then there should never be any need for encryption!