Acabo de encontrar este excelente plugin de WordPress, y pensé en compartirlo con todos ustedes. Se llama Theme Authenticity Checker, o TAC para abreviar. Lo que hace este plugin es escanear código encriptado y otro material sospechoso dentro de un tema. Si usted tiene un tema con codificación base64, por ejemplo, le permitirá saber qué archivo en el tema contiene el código. También listará cualquier enlace externo dentro de un tema y los separará por archivo.
Una vez que hayas descargado e instalado el plugin, aparecerá una nueva página en tu menú de Diseño llamada “TAC”. He probado este plugin en el servidor de demostración, y déjame decirte – este plugin carga sorprendentemente rápido, incluso con todos los temas alojados en él. ¡En caso de que te lo estés preguntando, todos los temas de WordPress aquí tienen un gran mensaje verde Theme Ok!
[…] vulnerable to spam attacks. I wrote about the WordPress Theme Authenticity Checker a while back here and is a great tool to check if the theme you downloaded contains any encrypted code without having […]
if you trust the corecode u should trust the theme to…
Lagerhall
Where’s the logic in that? That’s the same as saying if you trust an operating system you should trust any program available for it.
A user like me.
😀
Glad that I never encounter any malicious code etc.
Like Peter said, there are a few theme sites which bundle malicious code in “encrypted” form. Although some encrypted code is harmless (just protecting links), the truth is a lot of users don’t know what this is or how it can potentially harm (if malicious) their blogs.
Well, people don’t just use it for “protecting” links in templates. It’s ethical to encrypt code for good intentions such as encypting designer links in the footer, but, it’s unethical when people encypt harmful material into themes.
AH…
So far, I never find such theme that using any encrypted code.
Beside, most of theme is from trusted designer like themelab, and Justin Tadlock.
Ah, I see.
So using an encrypted code such as
VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==
is unethical to put our credit in the theme that we make?
But I though that this will help people not to modify it.
Still in confusing.
So if the plugin found the encrypted code, so what?
That’s what I’m trying to ask.
What’s the benefits.
Ah, from what I know, base64 encoding changes normal readable text into a string of characters which are not readable without using a decoder.
Template creators occasionally use base64 to try and limit the amount of links being removed from templates.
E.G. in the footer, instead of the footer being something like
“Theme by Ceneb and Theme Lab”
it would say:
VGhlbWUgYnkgPGEgaHJlZj1cIiNcIj5DZW5lYjwvYT4gYW5kIDxhIGhyZWY9XCIjXCI+VGhlbWUgTGFiPC9hPg==
Until you use a decoder:
http://makcoder.sourceforge.net/demo/base64.php
Yeah, I’ve read it twice to make myself clear.
Don’t know what is base64 emcoding, etc…
I wonder what’s the benefits of having that plug in for user or developer?
What’s the “Theme OK!” means?
Valid XHTML?
Pangeran, I’m not too sure if you read the post Leland wrote, fully, but I seemed to get a good idea from:
“What this plugin does is scan for encrypted code and other suspicious looking material within a theme. If you have a theme with base64 encoding, for example, it will let you know which file in the theme contains the code. It will also list any external links within a theme and separate them by file.”