When you setup your first WordPress site you will probably spend some time looking and researching which theme you should use. The ‘theme’ is the skin your WordPress site will use to control the overall appearance. While you will need to consider if you want a theme that is simple, elaborate, personal, or business oriented, or if it has a static homepage, sliders, etc. the one most important feature you must consider is the safety of the theme.
I’ve sure you have heard this before the number of sites hacked are just going up and up. At least once a week we are learning about a site that got hacked or a new vulnerability in a web app. Insecure WordPress themes are one way hackers can get access to your site! In my past 6 years of doing business online I have lost count of of clients that have had a site hacked because of a theme. I will admit this number has gone down in the last couple years thanks to security minded plugins but you still have to be careful.
Here are 4 tips to help make sure you choose safe WordPress themes for your site.
- Only use themes from a trusted source. Don’t go downloading themes from some obscure website that doesn’t have anything else WordPress related on it. That’s just asking for trouble. When choosing a theme make sure it is from a trusted source. A quick Google search may just save you a lot of headaches. Search for the theme name and the developer’s name. Look for reviews, good and bad. Ask for recommendations on social media from people you trust. Do your homework before deciding on a theme.
- Only use updated themes. It’s very important to check when a theme was last updated. Security flaws are found all the time and themes need to be updated to reflect issues. If a theme hasn’t been updated within the last year, you should reconsider using it. If you are using a theme from the WordPress Theme Repository the latest date it updated is listed on the theme page as well as the latest version of WordPress it was tested with.
- Check for potentially malicious code. Unfortunately with the growing popularity of WordPress more and more shady developers are releasing free themes that contain malicious code. If you know what to look for you can manually review the theme files for any malicious code. Another option is to use a plugin, such as TAC or Theme Check to test the theme. There is an excellent article over at Six Revisions that explains how to check a theme for potentially malicious code.
- Is the developer active on social media Is the developer who created the theme you want to use active on social media such as Twitter, Facebook, Google+, or forums? If they are not active anywhere it may be a sign that they are not going to be easy to get a hold of if you need support. If the developer has a support forum on their site check to see how recently support questions were answered. Not all themes come with support, especially free themes, but if you chose to pay for a premium theme it’s important to know that help is available if needed. If a developer is active in the WordPress community then he or she is probably actively keeping their themes up-to-date as well.
I personally tend to use StudioPress’s Genesis framework for most of my client’s sites just because love it. But there are a large number of good sources for WordPress themes both free and paid. It’s just a matter of finding the them that fits the message you want to send. By choosing a safe WordPress theme you can concentrate more on creating content to build your platform and increasing your income.