Use caution when selecting your WordPress theme

I read an eye-opening article today about the hazards of (some) free WordPress themes. The article, entitled “Why you should never search for free WordPress themes” analyzes the code in WordPress themes downloaded from the top 10 Google results for the search query “free WordPress themes”. MOST of the themes the author, Siobhan McKeown, examines are problematic: from the most benign (e.g., not being updated to the current version of WordPress) to the sneaky (links hidden way off screen using CSS) to dangerous…most of the free themes downloaded included base64, an encoding scheme often used to hide malicious code, which can mess up your site big time.

This is not to say that all free WordPress themes are bad. But be cautious about how you find them. The one link in her top 10 Google results that was worthwhile was the link to WordPress themes on WordPress.org. Even here (or anywhere—even with commercial themes), you need to check to see how up-to-date the theme is with the current version of WordPress. But at least you won’t have to worry about infecting your website with malware.

I’m a loyal user of Thesis, which is not a free theme, but I well-designed, well-supported theme framework. Although you could use the Thesis design right out of the box, as a framework it is intended as a launching pad for developing your own, unique, branded designs. Unlike many themes, you are not limited to a set layout, and absolutely not limited in terms of color or typography. In addition, there are tools for enhancing your on-page search engine optimization.

As of today, DIY Themes has release Thesis 2.0. I’ll be updating the design of this website in the near future, and am looking forward to the opportunity to test drive Thesis 2.0.