Article

Brad Litwin
Brad Litwin 21 December 2018
Categories Technology

Five Tips To Help You Avoid Malicious WordPress Plugins And Themes

Wordpress’s plugins and themes are one of the most powerful things about the platform - easy to use and easy to install, they can transform your website into just about anything you could possibly imagine. Unfortunately, there are plenty of people out there looking to use this functionality for nefarious purposes - here’s how to spot and avoid them.

All told, WordPress is a remarkably secure platform. Were it not, I doubt it would have achieved the level of market penetration it has. Of course, that probably has as much to do with its plugin ecosystem as anything else.

WordPress’s greatest strength, and its greatest weakness.

There exists a dizzyingly diverse selection of plugins and themes on the web. Tools that can transform your website into just about anything you could possibly imagine. As you might expect, there are also plenty of unsavory characters angling to abuse this fact - to trick unsuspecting webmasters into downloading malicious software and compromising their website.

Here’s how to spot (and avoid) them.

1. Be Careful Where You Download From

There are plenty of reputable, trustworthy plugin repositories and theme marketplaces on the web, but there are also a ton of shady back alley websites loaded with all sorts of nasty stuff. Sites like the WordPress Marketplace and ThemeForest - as well as the websites of reputable, well-known developers - are usually safe. But if you had to spend several hours on Google to find a particular repository?

There’s probably a very good reason it was so hard to find.

2. Look At The Reviews

What are people saying about the plugin or theme on the web? What about the developer of that plugin or theme? Generally speaking, if someone is a peddler of malware, it doesn’t take long for people to call them out for it. And when someone gets a reputation like that, it becomes very difficult for them to shed it.

A little bit of due diligence here can go a very long way. A quick google search on a developer’s name, a quick look through the reviews on the repository, a quick glance at other plugins they’ve developed...you get the idea. Do note that some repositories make it impossible to post negative reviews - if possible, look at multiple sources in the course of your research.

3. Read The Documentation

How well-supported is the plugin or theme? Are there changelogs for each update? Extensive documentation on how to use its various features and functions? Is developer active on their support forum?

A quality plugin or theme offers more than just functionality. It’s maintained by a developer who actually cares about offering their users something of value. A lack of documentation or support could indicate that the dev doesn’t care - or it could indicate that they’re peddling malware.

4. Do A Bit Of Historical Research

It’s also important to look at a plugin/theme’s history. How many total downloads does it have? How many active installations are there? Is it being distributed by someone you know isn’t the original developer?

5. Ultimately, Just Use Your Best Judgement

Are you stoked about finding a premium plugin or theme for free? Before you get too excited, you’d best ask yourself what the person peddling that software has to gain by doing so. Because you can bet they aren’t doing this entirely out of the kindness of their heart.

Generally speaking, if someone claims to be offering a paid-for, full-featured premium plugin or theme at no cost, walk away. There’s a good chance their version is laden with malware, or at the very least contains a backdoor that’ll allow them to freely exploit your website.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
How to Review a Website — A Guide for Beginners

How to Review a Website — A Guide for Beginners

A company website is crucial for any business's digital marketing strategy. To keep up with the changing trends and customer buying behaviors, it's important to review and make necessary changes regularly...

Digital Doughnut Contributor
Digital Doughnut Contributor 25 March 2024
Read more
The World Is Shrinking: 6 Degrees of Separation Is Now 2!

The World Is Shrinking: 6 Degrees of Separation Is Now 2!

Six degrees of separation is not just a party game, it's a reality. Everyone is the world is interconnected, and thanks to social media, that connectedness gets tighter and richer each day. See the research...

Scott Christley
Scott Christley 9 August 2017
Read more
The Impact of New Technology on Marketing

The Impact of New Technology on Marketing

Technology has impacted every part of our lives. From household chores to business disciplines and etiquette, there's a gadget or app for it. Marketing has changed dramatically over the years, but what is the...

Alex Lysak
Alex Lysak 3 April 2024
Read more
What Marketing Content Do Different Age Groups like to Consume?

What Marketing Content Do Different Age Groups like to Consume?

Today marketers have a wide choice of different content types to create; from video to blogs, from memes to whitepapers. But which types of content are most suitable for different age groups?

Lisa Curry
Lisa Curry 21 October 2016
Read more
10 Factors that Influence Customer Buying Behaviour Online

10 Factors that Influence Customer Buying Behaviour Online

Now is an era where customers take the center stags influencing business strategies across industries. No business can afford to overlook factors that could either break the customer experience or even pose a risk of...

Edward Roesch
Edward Roesch 4 June 2018
Read more