Something that has been bothering me

Joined
Feb 17, 2017
Messages
40
Likes
34
Degree
0
I have a question that may or may not offend. But my intention is not to offend. It's just something that I have been wondering about ever since I started to play around with wordpress themes.

My question is to all experienced people: Is there ANY possible way that creators of wordpress themes can get information about your website? Is there a way that your website activities can be monitored? Can wordpress themes in any way, shape, or form compromise your website? A code written in the back-end that does something like this? Or other ways to get data using wordpress themes?

Or is this just nonsense that I'm thinking?
 
It can definitely happen, and happens fairly often. Whether it's the theme's author adding the code themselves, or a malicious site where you may have downloaded the theme from (Getting paid themes from free sites, for example), or a hacker who finds their way in after the fact.

Wordpress themes can compromise your site in any number of ways, shapes, or forms. There are precautions you can take, but it's never 100% bulletproof.
 
Most definitely possible and id say that themes are a popular method of back dooring a site.

It happened to me many years ago from a dirty theme I downloaded. As tempting as it may be, stay away from "sampling" paid wp themes it's just too risky.
 
Any time you install code on your server, whether it's from a WP theme, plugin or an open/closed source project, you could be giving someone an open invite to set up camp on your site's back-end. The extent of what can be compromised is limited to various factors such as file permissions and how "hardened" the server itself is. In rare circumstances, compromising a WP site can lead to the compromise of the entire server, all the way to gaining root access. Again, this is rare and the #1 cause of that type of compromise is poor server config, lack of sysadmin experience and bad practices such as using the same password for everything. My advice would be, when in doubt, leave it out.
 
Back