The Dark Side of Pirated WordPress Themes
We all like to get something of value for free but how far would you go to land a premium WordPress theme for your e-commerce site? Would you, for instance, consider downloading a pirated theme?
For an e-commerce site owner, the temptation is understandable. As this article explains, just because you aren’t shelling out any money for a Premium WordPress theme, it doesn’t mean it won’t cost you. In the worst case scenario, that cost could far outweigh the benefits.
It’s time to take a look at the dark side of pirated WordPress themes.
WHAT IS A PIRATED (OR NULLED) WORDPRESS THEME?
A pirated (or nulled) WordPress theme is an illegal copy of an existing (usually Premium) WordPress theme which has had its metadata stripped out so that it can be downloaded by anyone without needing to enter a license code or key. Pirated copies are normally made available for free download from a monetized website run by the pirates. The person responsible for hacking the theme will often be paid a small amount of money from the website owners every time someone downloads the theme from the website.
It hardly needs pointing out that this practice is illegal although some people claim that since the WordPress code is available on an open source license, any derivatives, including themes should also be free to copy.
Regardless of the legality of the situation, there are a number of significant disadvantages to trusting a pirated copy of a WordPress theme.
Here are some of them:
A WordPress theme is, of course, a bundle of folders and files and these can literally contain anything. It is not uncommon for the owners of pirate websites to include more than the end user bargained for. Pirated themes are often found to be corrupted with adware, spyware, malware or a combination of these.
By running a pirate website in the first place, the owners have demonstrated they will flout the law to make a profit. Why would they not bump up their earnings by injecting unwanted PPC ads, stealing and selling valuable customer data or handing the keys to your website to a paying third party? The functions.php file is a common place to find dodgy code. Code in this file can call native PHP and basically order WordPress to carry out all manner of tasks, including setting up a dedicated URL for setting up new user accounts for hackers (commonly referred to as a ‘backdoor’).
Could your e-commerce business afford a data breach? The potential damage in terms of industry fines and loss of reputation should not be ignored. Even less malicious adware can cause your site to slow down or start displaying inappropriate advertisements to your valuable customers.
The best way to minimize the risks of malware in your WordPress theme is to either use the native WordPress repository or a trusted merchant like Fortune Creations, where you will find plenty of quality free and low-cost multipurpose WordPress themes to build your e-commerce site on.
NO AUTO UPDATES
Even if the pirates are playing fair by their (non) paying customers, this doesn’t mean your WordPress website won’t be at risk. Installing regular security patches is standard good hygiene for WordPress sites. This is normally done via periodic automated updates partly controlled via code in the theme meta data. However, pirates strip this data out when copying theme files. This means that the only way you will be able to keep your site current and ‘secure’ is by re-downloading the theme every time an update is released (assuming the pirate site is still up and the theme still available, of course).
If you never update your WordPress theme, your site will be at risk of cross-site script (XSS) attacks and other vulnerabilities. You will also miss out on new features and improvements applied to the legitimate version.
ON YOUR OWN
Another benefit that will be denied to WordPress users who choose to download a pirated theme is customer support. The Premium themes often differentiate their offering through high-quality support and this almost always requires some kind of token, key or log-in credentials to access. These will have all been stripped from a nulled WordPress theme. What’s more, the extra features, plugins, and add-ons that justify the theme owners’ premium charges can make the learning curve quite steep. The owners of pirated themes need to be prepared to go it alone when it comes to figuring out how to use the theme.
To promote their platform, pirate website owners will usually embed numerous links back to their website in their themes. If they have been flagged as an untrustworthy site by Google (which many have), these links will reflect badly on your website. You may even find yourself being penalized by Google, resulting in you slipping down the SERPs.
These links are often scattered in various areas of the theme including within the non-rendered meta data. This can make removing them all a difficult and time-consuming operation. Every time you have to spend extra time working on a pirated theme, the value benefit over the legitimate version reduces.
RISK OF PUNISHMENT
If you are willing to accept the risks above, there is still the slim possibility that the theme owner could find out about your actions and report you. In practice this is unlikely. Theme developers generally don’t have the will or the resources to hunt down pirated copies of their software and accept the risk as coming with the territory.
However, should the theme owner track down your illegal copy they could choose to sue you or even cause you problems by reporting you to your web-host. In the worst case scenario, this could end with your account being temporarily blocked or even closed down permanently. After all, one hacked website could threaten the security of all other websites on a server. Why should your web-host risk it?
Last but not least, dealing in pirated WordPress website templates is a form of theft and therefore, in many people’s eyes, simply wrong. After all, the developer will have put hours of work into their creation and deserve to reap the rewards of a job well done. If you never intended to pay the ticket price for a Premium theme, it is best to look elsewhere for an honest bargain.
A SMARTER WAY
Hopefully, you get the picture. Downloading a pirated premium WordPress theme might give you a source of satisfaction at the time but the potential negative impact on your website and your business is really not worth the risk. If you dodge a bullet by downloading a clean copy you will still be disadvantaged with no auto updates, no customer support, a likely loss of search engine ranking and the potential of a fine or site ban.
If you really can’t afford or justify a $50 plus price tag for the very best themes there are plenty of high-quality responsive WordPress themes available for a fraction of that price. Avoid the pirates and reward some of these talented developers with your customers instead.
About the Author:
Maruti Makwana is a co-founder of Fortune-Creations who offers premium WordPress themes. His design skills cover investigating client requirements, identifying best user practices in emerging market environments, conceptualization, and development of web page designs, user interfaces (UI) designs, and other custom built design solutions as per the business domain. Twitter: @FCThemeDesigns.