In today's age of viruses and malicious downloads, it's vital to trust the source of anything. Even WordPress Plugin and themes.
But how do you know which to trust? There are ways, so let's explore how you can go about identifying those themes and plugins that are safe and of good quality.
Can You Trust That WordPress Plugin Or Theme: The WordPress Directory
The WordPress directory of plugins is chock full of themes and plugins, all offered for free, and curated by WordPress contributors. They inspect each one and maintain the list in order to keep all content trustworthy. Any themes or plugins that are suspect are removed, most before they even have the chance to be published.
Can You Trust That WordPress Plugin Or Theme: Read Those Reviews
While perusing the WordPress plugin directory, you are treated to figures related to download counts and reviews. As expected, if a plugin has a high download count (over 100,000 downloads), it can be trusted more than others. If others have downloaded it in such high numbers, it must have worked out for them. Obviously, there will be new plugins that have a low download count although they are just as trustworthy. In this case, look to reviews.
Registered users are able to rate each theme or plugin up to 5. These reviews are an excellent way to decipher how well the plugin or theme has worked for others. You can also gain information as to specific features and functionality, as well as any conflicts you might run into due to other themes and plugins you have installed.
Regarding those 1 out of 5 reviews: read them. Sometimes a user will give something a negative review when it's not the plugin's fault. Maybe they didn't research the plugin and see that something they have running on their site conflicts with it. WordPress moderators read through reviews regularly to guard against these false-negative reviews.
Can You Trust That WordPress Plugin Or Theme: Put The Support Area To Work
Every plugin and theme that is contained in the directory has a subsequent support area. Head on over and see what issues users are having, and if they will affect your installation.
Look for the resolved situations, measuring them against the unresolved situations. This will show how active the author of that plugin in its own support area, and how frequently they correct problems and fix bugs.
Can You Trust That WordPress Plugin Or Theme: Version
When was the plugin in question last updated? If it hasn't been updated in over 2 years, stay away from it. WordPress has changed in terms of base code, and developers should have adopted new functions and processes to ensure compatibility.
Can You Trust That WordPress Plugin Or Theme: Stay Away From Free Themes
Free themes in the directory are totally okay. It's the other free themes offered in various corners of the Internet you should avoid. WordPress cannot police these themes, and the code can contain just about anything you can imagine. Whether performance issues or security issues, you just don't know what you're getting.
It could be the case a malicious developer has created a seemingly harmless WordPress theme that emails your entire installation complete with usernames and login credentials to the developer. Maybe a script is running in the background that emails information about visitors to your site. Either way, you'll never know.
Can You Trust That WordPress Plugin Or Theme: Watch Out For base64_decode
Another way to look out for your safety is to search your theme or plugin files for “base64_”. Developers stick this function into the code to insert encoded scripts you will have a hard time finding. If you come across this, remove all instances from your files, and if you can't, ask the developer why it's there in the first place.
Can You Trust That WordPress Plugin Or Theme: Code Compatibility
There are requirements WordPress sets out to anyone developing a theme, but not all developers follow these guidelines. In some cases, when you begin to customize the theme to your liking, things will stop working properly.
If you don't see functions such as wp_enqueue_style() or wp_enqueue_script(), which are simple to implement and also required of WordPress within the code, contact the developer to get your money back for said theme.
Hopefully you can easily spot trustworthy plugins and themes now, guarding both yourself and your users from any malicious activity or wasted time and money!
Have you run into trouble with WordPress plugin or theme?
Photo courtesy of Sean MacEntee via Flickr Creative Commons
WordPress plugin’s WP Super Cache has security vulnerability in older versions. Hackers are targeting outdated version of users website. Persistent XSS threat is affecting WP super cache plugin. An attacker is using crafted query which could insert malicious script to the plugin’s cached file listing page. Users need to update the latest version by this update they can protect their Plugin.