Theme Authenticity Checker (TAC) wordpress plugin resources analysis
| Download This Plugin | |
| Download Elegant Themes | |
| Name | Theme Authenticity Checker (TAC) |
| Version | 1.5.2 |
| Author | builtBackwards |
| Rating | 98 |
| Last updated | 2014-05-03 02:25:00 |
| Downloads |
386266
|
| Download Plugins Speed Test plugin for Wordpress | |
Home page
Delta: 0%
Post page
Delta: 0%
Home page PageSpeed score has been degraded by 0%, while Post page PageSpeed score has been degraded by 0%
Theme Authenticity Checker (TAC) plugin added 5 bytes of resources to the Home page and 19 bytes of resources to the sample Post page.
Theme Authenticity Checker (TAC) plugin added 0 new host(s) to the Home page and 0 new host(s) to the sample Post page.
Great! Theme Authenticity Checker (TAC) plugin ads no tables to your Wordpress blog database.Scan all of your theme files for potentially malicious or unwanted code.
What TAC Does
TAC stands for Theme Authenticity Checker. TAC searches the source files of every installed theme for signs of malicious code. If such code is found, TAC displays the path to the theme file, the line number, and a small snippet of the suspect code. As of v1.3 TAC also searches for and displays static links.
Then what do you do? Just because the code is there doesn't mean it's not supposed to be or even qualifies as a threat, but most theme authors don't include code outside of the WordPress scope and have no reason to obfuscate the code they make freely available to the web. We recommend contacting the theme author with the code that the script finds, as well as where you downloaded the theme. The real value of this plugin is that you can quickly determine where code cleanup is needed in order to safely enjoy your theme.
History
TAC got its start when we repeatedly found obfuscated malicious code in free WordPress themes available throughout the web. A quick way to scan a theme for undesirable code was needed, so we put together this plugin.
After Googling and exploring on our own we came upon the article by Derek from 5thiryOne regarding this very subject. The deal is that many 3rd party websites are providing free WordPress themes with encoded script slipped in - some even going as far as to claim that decoding the gibberish constitutes breaking copyright law. The encoded script may contain a variety of undesirable payloads, such as promoting third party sites or even hijack attempts.
Screenshots
