Mar 11, 2008 - Development    23 Comments

Check For Nasty Footers In WordPress Themes

Over the past few weeks, I've seen an increase in Base64 encoding in 'free WordPress themes'. Bear with me if you run a WordPress blog; it's not really that technical!

Base64 is just a way of encoding text so that it is no longer readable at a glance; it is not encryption, and anyone can reverse it. In WordPress themes it is usually used to obscure the footer template, and nine times out of ten it's an attempt to ensure that the designer is given credit by means of a link back to their website. Fair enough, as they have put in the hard work.

However, because the footer is encoded, you don't actually see what else may be hidden in it, something that has always concerned me. Maybe there are links to unfavourable sites, bits of JavaScript, or images? It's even possible to encode an iframe that silently loads a merchant's website (basically cookie stuffing). It's definitely something to be aware of, and in my opinion, as an affiliate you should decode any Base64 footer and check that everything is above board.

How will you know?
Well, an encoded footer will look out of the ordinary to any website owner. Instead of the usual A HREF, IMG SRC or DIV tags, you will see something like this:

(base64_decode(‘FZnHDoRVElF/cmI7Iw5rpzUjvPc0pi8rvPeer9+eEyeoykdTxFjx13///dc/ijPp/6jecyz7cS/
+VZOtILD/5VI25cUf/xTzXF6nL5NKRLWW3oYgKuOvbaBUujXEvUvPQGkBK/0yywQt8Hue
sEyCoF2CuBvl47UC6TqPq9IeZgmQMlq+ZHbYy3ab28qcdLk167CdeHFGIeRZRN5wrsOKO
/o5kfSkR7T0mfxlz5jAl2h6k/vi7S4muQZQj8Qkn6j/mRpJ9YBahj4////V/’)

Obviously, unless you are a freak of nature, you won't stand a chance of reading what has been encoded, and therefore you could be opening yourself up to problems in the future. In my opinion, the best thing to do is to decode the file and upload the decoded version to your web server, leaving in place the link to the designer's website but making sure there is nothing dodgy lurking in the code.

How do you decode base64?
Download and extract this Zip file. Follow the instructions and you should then be able to easily and quickly decode any Base64-encoded footer.
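As an added, worked example (not the zip tool from this post and not code from any theme), here is a small Python script that does the same job statically: it finds eval(base64_decode(...)) and eval(gzinflate(base64_decode(...))) wrappers in a footer.php, replaces each one with the code it would have run, and then lists what the decoded footer actually contains. It never executes the theme code. The sample footer, its two domains and the affiliate URL are constructed inline for the demo and are not from this post; the nested gzinflate layer is included because that is the "double encoded" form that comes up in the comments below.

```python
import base64
import re
import zlib

# Matches the wrapper pattern the post and comments describe:
#   eval(base64_decode('...'))  or  eval(gzinflate(base64_decode('...')))
# Group 1 tells us whether a gzinflate() layer sits between eval and the payload.
WRAPPER_RE = re.compile(
    r"eval\s*\(+\s*(gzinflate\s*\(\s*)?base64_decode\s*\(\s*"
    r"['\"]([A-Za-z0-9+/=\s]*)['\"]\s*\)+\s*;?",
    re.IGNORECASE,
)

# Things a site owner would want flagged in a footer they did not write.
LINK_RE = re.compile(r"(?:href|src)\s*=\s*['\"]?(https?://[^'\"\s>]+)", re.IGNORECASE)
IFRAME_RE = re.compile(r"<iframe\b", re.IGNORECASE)
SCRIPT_RE = re.compile(r"<script\b", re.IGNORECASE)
HIDDEN_RE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.IGNORECASE)


def deobfuscate(php_source: str, max_layers: int = 10):
    """Statically unwrap nested eval(base64_decode(...)) wrappers in a PHP file.

    Each wrapper is replaced in place by the code it would have eval()'d, so the
    result is still a valid footer.php. Nothing is executed. Returns the rewritten
    source and the list of layers removed, outermost first.
    """
    text = php_source
    layers = []
    for _ in range(max_layers):
        m = WRAPPER_RE.search(text)
        if m is None:
            break
        payload = re.sub(r"\s+", "", m.group(2))
        payload += "=" * (-len(payload) % 4)  # tolerate stripped padding
        raw = base64.b64decode(payload, validate=True)
        if m.group(1):
            # PHP gzinflate() is raw DEFLATE with no zlib header: negative wbits
            raw = zlib.decompress(raw, -zlib.MAX_WBITS)
            layers.append("gzinflate(base64)")
        else:
            layers.append("base64")
        decoded = raw.decode("utf-8", errors="replace")
        text = text[: m.start()] + decoded + text[m.end() :]
    return text, layers


def review(decoded_source: str):
    """Summarise what the decoded footer actually puts on the page."""
    return {
        "links": LINK_RE.findall(decoded_source),
        "iframe": IFRAME_RE.search(decoded_source) is not None,
        "script": SCRIPT_RE.search(decoded_source) is not None,
        "hidden": HIDDEN_RE.search(decoded_source) is not None,
    }


# --- constructed sample (hypothetical theme, placeholder domains) ---------------
# The payload is a designer credit link plus a 1x1 hidden iframe pointing at an
# affiliate URL, i.e. the cookie-stuffing case the post warns about.
INNER_PHP = (
    "echo '<p>Theme by <a href=\"http://designer.example/\">Designer</a></p>';\n"
    "echo '<iframe src=\"http://merchant.example/?aff=123\" width=\"1\" height=\"1\""
    " style=\"display:none\"></iframe>';"
)


def _gzdeflate(data: bytes) -> bytes:
    """Equivalent of PHP gzdeflate(): raw DEFLATE stream, no header."""
    c = zlib.compressobj(9, zlib.DEFLATED, -zlib.MAX_WBITS)
    return c.compress(data) + c.flush()


# Two layers: an outer eval(base64_decode(...)) around an inner
# eval(gzinflate(base64_decode(...))), the "double encoded" footer shape.
_LAYER1 = base64.b64encode(_gzdeflate(INNER_PHP.encode())).decode()
_LAYER2 = base64.b64encode(
    f"eval(gzinflate(base64_decode('{_LAYER1}')));".encode()
).decode()
SAMPLE_FOOTER = f"<div id=\"footer\">\n<?php eval(base64_decode('{_LAYER2}')); ?>\n</div>\n"


if __name__ == "__main__":
    text, layers = deobfuscate(SAMPLE_FOOTER)
    print("layers removed:", layers)
    print(text)
    print(review(text))
```

To run it against a real theme, read footer.php into deobfuscate() in place of SAMPLE_FOOTER; `grep -rn base64_decode wp-content/themes/` will find the candidate files first. Treat any iframe, script tag, hidden element or link you did not put there as a reason to drop the theme rather than just edit the footer, since whoever planted it had write access to every other file in the theme as well.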

Is it ethical?
Many people think it's unethical to do this, as some will remove the links to the designer's homepage. However, I think I have a right to know what my website is linking to rather than trusting an encoded script. I have also read in places that it's illegal to decode Base64, although I suspect this is a white lie. Sometimes, as in this theme (which was encoded), I want to add links to RSS feeds, sitemaps etc. Decoding it allows me to add anything I wish to my footer, and you will notice that I still leave the link in place to the original designer.

  • http://www.gadgetheaven.co.uk gadget

    Nice spot Frostie.

  • purple

Great post. I use a theme that, if I take the designer's link down, puts a huge message on my page saying words to the effect that this person is using a theme without giving credit, in big words.

    I don't mind linking back; I'm more worried that I can't see the other code which might be on my site.

  • http://www.leavingthedayjob.com Monty

    Good work Frostie. There are also lots of online Base64 decoders such as this one : http://www.opinionatedgeek.com/dotnet/tools/Base64Decode/

    If you have Firefox with the web developer add-in you can use “View generated source” to see what the source code looks like after any Javascript has run and added bits in.

  • http://befused.com be fused

    I would have thought that this practice would be breaking the GPL big time! Open source is, well, open source. You should not go about encrypting bits of it, that is bang out of order and against the spirit of open source.

    Having said that, if someone makes a theme and puts a link in it, then it is only respectful to leave the link there. They did the work in making the theme after all.

  • http://www.webaffiliate.co.uk Chris Frost

    Yeah I agree about the GPL/Open Source issue. My main gripe about encoding is not knowing what has actually been encoded.

    I must admit, I don’t feel bad by decoding, adding my own links yet leaving in place the designers link to his homepage. As you say, its only fair.

  • michael

    excellent, thank you!

  • http://www.egyptventure.co.uk/ Egypt Property

    It is important you mentioned this. I heard about shoddy links in WP blogs and therefore always go to the source to download the themes or the plugins. Naturally, a developer could be doing this too, but he wouldn’t last long so the chances are slim.

    Thanks
    Ravi

  • http://www.themarketingmentor.co.uk Alastair Campbell

    Worth knowing – who’d have spotted this??

  • http://www.96cougar.com/CarBlog Anthony Irwin

    just wondering, the code I have has the base64_decode part at the end of it all.

    I can’t seem to find anything that will decode it.

  • http://www.webaffiliate.co.uk Chris Frost

    Anthony – Ites definately base64 as in the code you’ve pasted, it says “….;eval(gzinflate(base64_decode($….”

There are a few online converters too, from memory, which you may want to give a go. Let me know if you still have problems.

  • asdani

    thanks..great post, great tips and tools. Now i can remove “junk” link in my footer template… thanks again..regards..

  • Michelle

    You are my hero – I was so glad that this was one of the first links to show when I did a search for a base64 decoder. I do agree that people should get credit for their designs and such – but there are some links that I feel are inappropriate at times and don’t want them in my footers. Thank you for posting this tool! :-)

  • http://deliciouslydirty.com/ Dirty Diva

    This is a great post! Not only did I find nasty “diet pills” code in base 64 on a template I tried, but they had pre-built in the Google Adsense block – in the post – using their own PID! Now I am perfectly happy to give credit where credit is due – but that is crazy!

  • bani

You're the best!... Thanks!!!

  • http://www.skepticalbeliefs.com Darren

    This is great. Thanks!
    I’ve downloaded WordPress Templates that had bad crap in the footer. So, this is much appreciated.

  • http://sitesires.com Courtney

Just to ease everyone's mind.
    You can do whatever you want to a theme so long as it's being used by your WP installation. Once it's plugged into WordPress it now falls under the same GPL licensing restrictions. Most theme authors aren't even aware of this, but that doesn't make it not so, and those that do know but still encrypt their footers with a tagged message saying that the theme is protected under copyright protection are just trying to protect their investment with a link so that they can get paid.....however, you can decode it, reverse engineer it, alter it, delete it or do anything you would like to the footer....you could even leave the footer intact, with linkage back to the author ;)

    You can read some words from the WP man himself about the legality of changing the footer, or anything in the theme for that matter, he really nails it
    CLICK HERE
    Or if you’re really worried, freshen up on the actual licensing topic at hand http://www.gnu.org/licenses/gpl-faq.html#GPLAndPlugins
    Hope this helps!

  • http://www.usbmemorysticks.net DTs Flash Drive Blog

    Phew, that’s good to know. I don’t mind giving credit to authors either but when the encrypted footer is plastered with links that’s just annoying. Why can’t just one link suffice and why do they all have to be nofollow? It is in my case. Consider that this can hurt pagerank, especially if the “neighborhood” isn’t good. Anyway, I think I will be able to change my footer now. Thanks for the post and comments!

  • http://topsecret.darwinaw.com the

    The GPL, allows you to do anything you want to any GPL code, it simply requires copyright information is left in the source files. Not in the html source code (view source) but in the files that no one sees sitting on your server doing things.

The theme/plugin/whatever doesn't become GPL as soon as you plug it in, it is GPL by its very nature of being a theme/plugin/whatever FOR a GPL system. There is a big difference between the GNU GPL and open source software. GPL is not open source (which is actually quite restrictive), GPL is FREE software. Free as in "a Bird" not Free as in "buy one get one Free".

    First thing anyone should do with a wp theme is check the footer and remove everything. If you want to keep a “theme created by” link, I would suggest adding nofollow. Again GPL, so perfectly ok to do this.
    Anyone who creates a theme simply to get themselves a backlink in site footers is not playing within the spirit of the GPL anyway. In GPL, you create something for yourself, and release it in the hope it is useful to someone else. If people want to expand on what you’ve done, that’s even better.

    And it’s not illegal to decrypt base64. if it was illegal, base64 wouldn’t have 2 functions: base64_encode() + base64_decode().

  • http://www.creditcardofferonline.com Jon mathew

    Shall i remove wp_footer()from my theme?

    if it is removed, what will happen?

  • http://xvivek.blogspot.com Vivek

Thanks bro, it really worked for me even on a local PHP host.

  • Premium Wordpress

Oh man, this is just what I have been looking for, but when I decode mine I still get some encoded stuff; the string at the start of my footer is eval((base64_decode(

    A bit different from yours. Do you know how to decode it? It seems to be double encoded.

    Thanks

  • Ruslan G.

Thanks so much. I have been on the internet looking for websites to decode it, then you told me to copy some of the footer code; never thought of that.

    Thanks!

  • http://nicetheme.net Jen@encrypt wordpress footer

Decoding the Base64 is very simple, but I do not encourage this.