Use caution when selecting your WordPress theme

I read an eye-opening article today about the hazards of (some) free WordPress themes. The article, entitled “Why you should never search for free WordPress themes” analyzes the code in WordPress themes downloaded from the top 10 Google results for the search query “free WordPress themes”. MOST of the themes the author, Siobhan McKeown, examines are problematic: from the most benign (e.g., not being updated to the current version of WordPress) to the sneaky (links hidden way off screen using CSS) to dangerous…most of the free themes downloaded included base64, an encoding scheme often used to hide malicious code, which can mess up your site big time.

This is not to say that all free WordPress themes are bad. But be cautious about how you find them. The one link in her top 10 Google results that was worthwhile was the link to WordPress themes on Even here (or anywhere—even with commercial themes), you need to check to see how up-to-date the theme is with the current version of WordPress. But at least you won’t have to worry about infecting your website with malware.

I’m a loyal user of Thesis, which is not a free theme, but I well-designed, well-supported theme framework. Although you could use the Thesis design right out of the box, as a framework it is intended as a launching pad for developing your own, unique, branded designs. Unlike many themes, you are not limited to a set layout, and absolutely not limited in terms of color or typography. In addition, there are tools for enhancing your on-page search engine optimization.

As of today, DIY Themes has release Thesis 2.0. I’ll be updating the design of this website in the near future, and am looking forward to the opportunity to test drive Thesis 2.0.


The Hidden Costs of Open Source Web Design

In a previous post on open source web development platforms, I gave some background about exactly what Open Source means in terms of web design and development. In this post I’ll delve a little deeper into the pros and cons of using and open source web design and content management systems (CMS).

The main attraction to open source systems, for most people, is cost. As in zero. Zip. Nada.

OK, you still have to pay for your web hosting. But budget web hosting starts at under $100 per year.

Once you get your website up and running on your budget web host, you install your theme and plugins (I’m using WordPress terminology here, but the same applies to other open sources CMSs). There are thousands of free themes and plugins, but there are some with more advanced functionality that have licensing fees. These are not going to break the bank, but they can add to the “free” price tag.

Why would you pay for a plugin or theme, when there are usually dozens of free alternatives?

  1. Quality. Free plugins and themes are created by developers for a variety of reasons: as a labor of love, to give back to the community, to learn new skills, to boost a resumé. And although most developers of free plugins are competent, some are not so competent, and their work can be riddled with bugs. Someone who is selling their work as a business has a vested interest in happy customers.
  2. Dependability. For many developers, writing a free plugin is a side project—something they do in their spare time. A new job, a new baby, or simply getting bored and moving on may mean that a plugin is no longer supported. As newer versions of the core software are developed, the free plugin you love may no longer work as the developer does not make the necessary changes for it to keep up with core upgrades. Unless a business goes out of business or discontinues a product, they are likely to do their best to keep it current.
  3. Ease of use. Many plugins are easy to use as a tricycle, which is one of the aspects of open source web development that is so exciting to a web designer. But some plugins still require a greater knowledge of HTML or PHP than your average user is likely to have. Businesses—the successful ones, at least—know that their customers are not likely to be fellow engineers, and will go out of their way to make the software user-friendly.
  4. Documentation. Plugin developers are focused on the code and functionality of the plugin. There is usually some minimal amount of documentation, but for more complex plugins, it may not be all the information you need to get the most out of the plugin. Often, it is written in engineering-speak rather than user-friendly language. Businesses are more likely to hire an experienced technical writer to write documentation—or at least to give documentation more than a glance and a nod.
  5. Support. This can be iffy whether the plugin is free or purchased. It’s rare that there’s an 800# you can call and talk to someone about your issue—but that’s par for the course with most software these days. Hopefully, whether pay or free, there will be a forum where you can post a question, and be helped not only by fellow befuddled users, but by the developer or a knowledgeable person on the developer’s team. The more complex and critical the software—e.g., an ecommerce system—the more important it is that you know you can get answers when you need them.

Yes, these are generalizations. There are developers of free software that is easy and solid and well-documented and well-supported. You can pay good money for difficult to use, buggy software with poor documentation and no support, that is abandoned by the developer after version 1.1.

So how do you figure out what free software to take advantage of, and which is worth paying for? More on that question in a subsequent post.


Open Source Web Development Platforms

Several of the most popular web development platforms, including WordPress, Drupal and Joomla, are “open source” software. What does that mean? Why should you care?

Open source software is developed in a very different way than proprietary software. Proprietary software is developed along the same lines any commercial product is developed, under the control and direction of the decision makers in a corporation. Open source software is developed by volunteers who work on everything from the source code to bug testing to documentation.

The open source software movement dates back to the 1980s. The Linux operating system, which is now one of the main operating systems used for web hosting servers, was one of the first major open source software efforts. Open source software is available for free to anyone who wants to use it; the source code is available to engineers who wish to change, improve or adapt it.

The philosophy behind open source software is well stated in this mission statement from the Open Source Initiative:

The basic idea behind open source is very simple: When programmers can read, redistribute, and modify the source code for a piece of software, the software evolves. People improve it, people adapt it, people fix bugs. And this can happen at a speed that, if one is used to the slow pace of conventional software development, seems astonishing.

We in the open source community have learned that this rapid evolutionary process produces better software than the traditional closed model, in which only a very few programmers can see the source and everybody else must blindly use an opaque block of bits.

So how does this work in the real world, without descending into chaos? These pages can give you a glimpse into the process:

Although open source projects generally begin as the brainchild of a small group of people, the larger open source web development platforms have spawned nonprofit associations dedicated to advancing the development of the software. The WordPress Foundation, Drupal Association and OpenSourceMatters (for Joomla) are nonprofits backing these three popular web development platforms.

Although WordPress, Drupal and Joomla are the most popular, they are far from the only options. As of this writing, there are 141 different content management systems listed at And that is just content management systems. Virtually every type of software can be found in an open source version.

In addition to contributing to the core software, programmers can expand the capabilities of a web development platform by writing add-ons for specific purposes. These are called modules in Drupal, extensions in Joomla, and plugins in WordPress, but they all serve the same purpose of expanding the functionality of the platform for specific applications.

As of this writing, there are 15,614 plugins available for WordPress. Plugins (and their Drupal and Joomla counterparts) add specific functionality to a website: a photo gallery, social media integration, ratings systems, events management—you name it, there is probably a plugin available. The advantage of plugins is that a non-programmer can easily add advanced functionality to a website. On this website, WordPress plugins are the basis for the portfolio, the home page animation, and the contact form; they protect comments, forms and email addresses from spammers and display my twitter feed on the blog pages.

Open source web development platforms are free, and make it easy for a non-programmer to build a sophisticated website. There’s a lot to like about them. But they do have their pitfalls. In a subsequent post, I’ll dig a little deeper into the pros and cons of open source web development platforms.

1 comment