Security Considerations When Selecting a Theme for Your Blog

When searching the Web for free themes outside the WordPress directory, be aware that not everyone on the Internet is a stand-up citizen and card-carrying member of the WordPress community. The vast majority of WordPress theme developers, no matter the experience level, are fans and friends of WordPress. You do have to watch out for that tiny minority, however. The popularity, open code, and ease of use in making WordPress themes are attractive to those who use the Web's powers for ill. Keep in mind that a theme is PHP code that runs on your server with the same privileges as WordPress itself, so anything hidden in it runs too. With just a small bit of obfuscated code in an otherwise innocuous and beautiful theme, your web server could become part of a zombie army of machines participating in a Distributed Denial of Service (DDoS) attack on some other website, or be used in a phishing scheme to harvest passwords and other personal information from your visitors, unbeknownst to them or you.
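One practical check before activating a theme from outside the directory is to look for the constructs most often used to hide a payload in PHP: eval(), base64_decode(), decompression calls, the old preg_replace() /e modifier, and long unbroken encoded strings. The scanner below is an added example, not code from this page or from WordPress; the pattern list, the 200-character "long token" threshold and the two sample theme files are assumptions made for illustration. A hit is a lead for manual review, not proof of compromise, since a few legitimate plug-ins and themes also use these functions.

```python
"""Heuristic scan of a WordPress theme directory for obfuscated or
dynamically executed PHP.  Added example; not the page's or WordPress's code."""
import re
from pathlib import Path

# (compiled regex, label). Each is a common way of hiding a payload in a
# theme file. The list is an assumption, not an exhaustive signature set.
PATTERNS = [
    (re.compile(r"\beval\s*\("), "eval()"),
    (re.compile(r"\bbase64_decode\s*\("), "base64_decode()"),
    (re.compile(r"\b(?:gzinflate|gzuncompress|str_rot13)\s*\("), "decode/decompress call"),
    (re.compile(r"\b(?:create_function|assert)\s*\("), "dynamic code execution"),
    (re.compile(r"preg_replace\s*\(\s*(['\"]).+?/[a-zA-Z]*e[a-zA-Z]*\1"),
     "preg_replace() with /e modifier"),
    (re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b.*\b(?:eval|system|exec|shell_exec|passthru)\s*\("),
     "request data reaching an exec call"),
]
LONG_TOKEN = 200  # assumed threshold: an unbroken run this long is usually an encoded blob


def scan_text(text):
    """Return a list of (line_number, label) findings for one PHP source string."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for regex, label in PATTERNS:
            if regex.search(line):
                findings.append((lineno, label))
        if any(len(tok) > LONG_TOKEN for tok in line.split()):
            findings.append((lineno, "long unbroken token (possible encoded payload)"))
    return findings


def scan_theme(theme_dir):
    """Scan every .php file under theme_dir; returns {relative path: findings}."""
    root = Path(theme_dir)
    report = {}
    for path in sorted(root.rglob("*.php")):
        hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path.relative_to(root))] = hits
    return report


# Constructed sample files (not real theme code). The base64 blob decodes
# to the placeholder string "...constructed...", not to a working payload.
CLEAN_FOOTER = """<?php
/* Clean footer template */
?>
<footer><?php wp_footer(); ?></footer>
"""

BACKDOORED_FUNCTIONS = """<?php
// Legitimate-looking theme setup ...
add_theme_support('post-thumbnails');
// ... followed by a hidden loader (constructed example).
eval(base64_decode('Li4uY29uc3RydWN0ZWQuLi4='));
"""


def demo():
    """Write the constructed samples to a temporary theme directory and scan it."""
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "inc").mkdir()
        (root / "footer.php").write_text(CLEAN_FOOTER, encoding="utf-8")
        (root / "inc" / "functions.php").write_text(BACKDOORED_FUNCTIONS, encoding="utf-8")
        return scan_theme(root)


if __name__ == "__main__":
    for rel, hits in demo().items():
        for lineno, label in hits:
            print(f"{rel}:{lineno}: {label}")
```

Run it against a downloaded theme with `scan_theme("/path/to/theme")` before copying the theme into wp-content/themes. Anything it flags deserves a look at the surrounding code; a theme that ships eval(base64_decode(...)) with no explanation is one to discard rather than debug.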

Your safest bet is to always use themes made available through the WordPress Free Themes Directory. The folks who submit themes to the directory are members of the community, by definition, because they follow the community's rules. Even then, themes can be imperfect. They are collections of programming code and, thus, can have bugs. What works right on one server doesn't necessarily work exactly the same way on another with a different hosting environment, or a different set of WordPress plug-ins.

Whether the theme comes free of charge or is a premium theme that you're paying for, be a smart consumer. Don't be afraid to ask the developer questions before installing a theme that comes from outside the traditional channels. The speed and helpfulness of a theme developer's answers before an install will also tell you how responsive that person (or company) is likely to be in dealing with support issues later.

Even the most upstanding members of the theming community can still have their themes attacked.
