We’re sour on third-party WordPress themes for a good reason
Everyone who’s dabbled with building their own WordPress website has seen the vast repository of free WP themes available, or the commercial themes that are out there. Likewise, we’ve all seen the multitude of design firms that tout “custom” and really end up manipulating a third-party theme for their clients (shhhh… not pointing any fingers here.)
Why not just use a pre-built theme and call it a “custom” WordPress website?
A true Custom WP theme is built from the ground up, not only for the purposes of customization, but for security reasons as well. Not all third party themes are risky, but there are quite a few out there that have been compromised time and time again, allowing hackers to access your site, take it down, deface it, use your email to send spam, overload your bandwidth, the list goes on. I won’t mention any names here out of courtesy to those developers, but if you search for theme vulnerabilities you’ll see a long list of culprits. I myself have cleaned up several hacked websites (many of which used themes that were purchased and listed on security feeds to warn developers). The cost to clean up a hacked website is more costly than doing it right the first time around.
If you value your reputation, your business, your customers, and your money, a custom website is the way to go.
Has Your Website Been Hacked?
Many vulnerabilities are traced back to themes (and plugins, but that’s another article for another day). There are many resources to check for the latest vulnerabilities, such as WPScan Vulnerability Database or the Wordfence blog, but that doesn’t mean every theme and plugin is listed there before hundreds of sites are compromised.
According to an article by PC World about the Slider Revolution exploit sold by Code Canyon:
“Many developers use third-party components and libraries in their own software projects and fail to keep up with their security updates. This can lead to situations where a vulnerability is identified and fixed in a software package, but lingers on for months or years in other applications.”
That’s only one of the reasons themes can become compromised over time. Another reason may be the custom components built in to the the theme administration panels, where coding becomes outdated and neglected, leaving a backdoor open for hackers. It’s best to Keep It Simple, Sally… all that extra code to create “ease of use” admin panels that comes packed in themes that boast huge amounts of custom components for you, may not be such a great idea after all…
Ready To Replace That Old Third-Party Theme?
We are too! Contact us for a Free Consultation and find out how we can help your site look and function better, while securing your site too!