A couple of weeks ago, I have stumbled upon an interesting analysis regarding “free WordPress Themes”. While this is specific to Themes, I believe that it also applies to just about anything free. Maybe, this is one of those moments that I should take the time to say that although there are a vast amount of “top notch” free something out there, not everything free is good and reliable. So when recommending something free, ensure that at the very least it comes from a reliable or vouched by a credible source. If you want to know, why you should never recommend anything that you have not used yourself or know of someone you trust that did, you will want to see this example.
Free WordPress Themes (the upside)
Why not? Free Themes are all over the place and some of them are really, really good. For people with a low budget (not necessarily), this is an option that is very appealing, as you can get from simple to super advanced, SEO optimized, featured pack themes that makes you wonder why even buy one. You can even get free wordpress theme frameworks, where in some cases include free child themes, skins, and more. A friend of mine dubbed them, “Freemium” (free premium wordpress theme). Are they recommendable? Of course they are, and more specifically if you found them “inside” the WordPress.org (highly trusted) repository.
Free WordPress Themes (the downside)
This is the scary part as being a non tech savvy guy, like me, you might neglect this “big” tiny detail, that can make you think, a lot of times over, before hitting that install button.
The main problem and scary part of Free WordPress Themes is its source. Where did you find them? How much do you know about their developers? Do they have “undercover” agents, waiting silently to one day, cause harm and do damage to you? Come to think of it, this applies to almost everything “free” you bump in to the internet.
I don’t want to go further on this one right now, as I would ask you to jump over to MPMU.org and read what Siobhan has to say. In a nutshell, she searched for the term “free wordpress themes” and analyzed each website that appeared on the first page of Google. Really, if you are into free WordPress themes or getting readu to install one, please read it (you won’t be sorry), otherwise you will not understand the rest of this post. Then come back here (link opens new window).
Alright then. If you read it well, now you understand why I said “interesting” (almost scary actually), and the underlying truth is that “malicious” stuff exist, and it is something that you should always be aware of.
Some Recommendations:
1) Avoid as much as possible to install free WP themes that are not included in the WordPress.org repository. I know that there are not a whole lot of “sweet” themes over there, but it s a safe haven for free themes (good to start).
2) If it is not included in the WP repository, find out more about the developer. Maybe he/she/they have plugins that are in the WP repository and that is an indication that they could be trustworthy. Read ratings, reviews about the themes, ask people or friends who have them installed and … You got the point, just research as much as you can and then decide.
3) Backup, Backup, Backup.. How many times do we see this. Are you doing it? N0, do it. Yes, do it regularly. Also, and as a matter of precaution, old school teaches us to rely on automated stuff 99% of the time. The remaining 1% tells us to make a “full manual backup” at least every two or three months, depending on the amount of data you have. Here you can find some recommended backup WordPress plugins.
4) Run the TAC (Theme Authenticity Checker), Exploit Scanner, or Theme Check, as recommended by Siobhan, before activating the theme. This can give some peace of mind.
5) Not sure what theme to use? Here are three free themes that are in the WP repository, that I can recommend: TwentyTen Based Themes (simple), Magazine Basic Based Themes (intermediate) and Arras and BomBax (advanced and highly customizable, but easy to use). There are more of course, but these are good to begin.
6) Consider investing in Premium themes that are tested, proven and are being used by countless top rated bloggers. Premium themes are no longer expensive as they used to be and considering that you get free updates, high grade support and all that, a $50 – $100, one time investment is nothing compared to what you can loose. Some of the themes, I recommend are Thesis, Genesis, Headway (aff links) or the more affordable Elegant Themes (very good choice). I have them all and I am very satisfied with all three themes. If you are in between Thesis and Genesis, here’s a great post that can help you decided – Thesis Vs Genesis.
Conclusion
Is it worth the risk? You are working hard to develop your website and maybe even building your business around it. You do not want to compromise your hard work and find that one day, scary things happen. Whether you decide to go for a free or premium WordPress theme, just run the checklist of things to look at first.
What say you? Are you using a free or a premium theme? Please tell us what theme you are using. This serves the purpose of themes being recommended by “people” who are already using them and are satisfied with it. Thanks for you contribution.
Windows 8
But what if we download from some quality sites like web2feel and all they provide free wordpress themes, though I am using premium themes on all my blogs so I dont have to worry about this
Hi there. Guess if you trust a site and the developers of the Theme, you should not worry about this.
Nice post. Well, I am not on WordPress but I think you are right. Free things can compromise with your site security and related things. Also, I think that you really don’t get much features with free themes. Customization is also limited. The same thing also goes for Google Blogger. Thanks for the heads up!
Hi Aswani. I thought you were thinking of moving to WordPress? Anyway, you are right about the security issue and it is actually very important when you are in the sphere for business purposes. Thanks for stopping by.
Brandon Cox
I’ve learned to apply this same reasoning to WordPress plugins as well. I avoid anything that uses IonCube loader or any other encrypted code. You should be able to glance over the php files and determine the basic content of them whether you actually know php or not. If it looks fishy, ask for help.
Hi Brandon. Same reasoning on plugins as well is definitely good as I don’t see any reason why it should be different from a theme itself. Thanks for stopping by.
Yeah, there are a lot of rehasers there that want to take other people’s work and put their links or even worse, malicious code, into it and give it as their own. That is why people should always use something trustworthy, if they are not tech savvy and don’t know how to look at the source of their themes.
But, here is an other issue. I say that am wpmu, all themes that contained links were derogated as being bad. I wonder, if I take my time in designing a theme and I put one (just one) of my links into it, does that make it malicious?
Hi Alex. As far as I understood well from WPMUs analysis, a link only in itself is OK. I am pretty much sure that it is not considered as malicious as the “credits” are also there. I think that what they are highlighting basically is the presence of code64 codes and that appears to be a very bad bug π
Murlu
Exactly right man – there’s a lot of crappy things that people will do to free WP themes and if your site is off linking to a spammer site; you can get in hot water because of it – way better to play it safe.
Safe is the keyword here Murlu. The general idea is for people to be aware that “certain dangers” are out there and playing it safe is a part of the “big picture” π
Tinh
Good advice and I think you are right. However, not all themes included in WordPress directory are good as many plugins there are very bad and dangerous too π
I hear you, and although WordPress.org is not a 100% safe haven, it is still safer than other dubious sources. The bottom line is exactly what you are saying, “not all are safe” and care should be applied. That, I totally agree. Thanks for stopping by
steven papas
hey you were so right in insisting to read MPMU’s report. I wouldn’t have known these hidden threats inside the themes. To be honest, I used free themes in the early months after launching my blog; now I use Thesis.
Wise choice on Thesis Steven and Yeah, I too got surprised when I read that analysis. I still use some free themes, but they have been proven to be reliable and safe. Not all free are created equal, but taking extra care is the idea that I am bringing up here just for people to know that such “risk” exists
Brad Harmon
I had a few early on in my blogging career that I thought were cool, but I quickly knew I was in trouble when the required attribution links took me unexpectedly to viagra and other pharmaceutical sites.
I am using Thesis for all of my blogs now, and I have one skin that I am using that’s free but it’s from a reliable source. The investment in Thesis was well worth it to give me piece of mind.
I’m with you on that “piece of mind” Brad. The investment is actually very small compared to the benefits and quite frankly this is one of those things that I recommend “buying”. The theme you have chosen is also my favorite although I am using Genesis on another website and it is also good. Free Thesis skins are also widely available and most of the sources are pretty safe. Thesis Awesome and Kolakube are amongst the good ones.
Anne Sales | Coupon Codes
Thanks for raising the flag, DiTesco. I was thinking I would make my own theme but I think I will need a few more years training. Anyway, as long as WordPress offers free themes that are customisable, I think I will have to settle for that for now.
Hi Anne. No problem going for free WP Themes, just be careful where you get it from. A safer bet will definitely be in the WP Repository and there are lots of customizable themes over there. The examples I gave above are great. If you want a rather sophisticated one and is still free, try Hybrid. This one is really good and is not for sale π
Todd
When looking for a free magazine theme, I ran into quite a few bad ones. I finally stumbled on one by accident. I am planning to upgrade to a premium theme this year, but for now the freebie is how I roll.
Lakshmi Muralikrishnan
Good post! I know wordpress free theme but not using. Now I get some information and ideas! First I try after that I will share experience.
lawmacs
This is something i have notice for a long time Ditesco most of these free themes comes with the footer file encrypt and display lots of links whenever i test a theme i always look at the codes especially the ones in the fuction file . Thanks for higlighting this issue
Emily from Video Avatar
Instead of using Free themes because I want something personalized, is it affordable to hire someone to do CSS or can I learn it?
Allie
Now I am scared! I knew I should have gotten a premium theme but when you are new to blogging and limited money you have to skimp some places but I hope I don’t regret where I skimped.
I used Atahualpa. So far I am very satisfied. I will stick with them as long as nothing goes wrong or I can pay someone to develop my site for me.
Thanks for the great article.
Hi Allie. I understand what you mean but the purpose was not really to scare you but rather to provide you with some information that these things happen and care should be taken when choosing a free theme. Atahualpa is good and is as far as I know “bug free”. I use it in one of my websites so, that should be a sign of relief, lol. Thanks for stopping by.
Toby Aletha
Yeah, i have ran into this stuff before. I downloaded 1 free theme in my life and I never downloaded a free theme again after that. Well I guess nothing is really free in this world. There is always some form of payback for every “free” stuff you get over the internet. Even Facebook is not free, since you give out your personal information in exchange for their service.
Caleb
Most of the time they hide the malicious stuff in encrypted coding found in the footer files. This is why when I do use a free theme I usually delete its footer and make my own π
strumpfhosen
Sometime, free theme or premium theme but can be found free are contain “inject-code” or “redirect-code” that can be harmful not only to your blog, but to the blog visitors also. Usually “inject-code” will inject a virus, or spyware into computers of visitors. This is very dangerous. One day, maybe your blog will be flag as spyware blog from Google or other search engine site. “Redirect-code” is function to send visitors of your blog to a specified URL. This can be considered as a technique to steal traffic. Whether stolen half of your traffic or all of your traffic is dependent on the stolen code is.
Chris
Great post DiTesco!
I think it just depends on what your blog will be used for. If you want a personal blog that you plan to just write for fun, then I think a free theme would be fine.
However, if you are trying to make some money online and will be using your blog as a secondary source of income, then you should definitely purchase a premium theme for your blog to give it a professional appearance and help you towards that goal.
For a small investment, there are so many beautiful theme options available.