WordPress Hacked Themes – Pre-hacked Themes, WordPress Theme Hacked At The Factory

Author: AITpro Admin
Published: January 31, 2011
Updated: January 31, 2011

Recently I was helping a new BulletProof Security user track down what appeared to be the second successful hack of BulletProof Security in 10 months.  Turns out the WordPress Theme was what I like to refer to as a “WordPress Theme hacked at the factory”.  Meaning yes you just downloaded and installed a WordPress Theme that is already coded to do something you don’t want it to do, with some nasty code that you had no idea was already in the WordPress Theme - pre-hacked right out of the box.  Now you could legitimately argue that if these links come with the WordPress Theme then they are part of the Theme design itself and well then technically it isn’t a hacked WordPress Theme at all.  The thing that cancels out any legitimacy for these pre-hacked WordPress Themes is that if you remove the links they will just come back again tomorrow because that is the way the coding is designed in these pre-hacked WordPress Themes.

In this particular case the WordPress Theme was displaying a link at the top of the page going to one of those obnoxious viagra-like sites.  I was curious about where the WordPress Theme came from so working with the owner of the website we did some back tracking.  The owner of the website (may or may not want to remain anonymous – have not asked for permission to share his name yet) discovered a very nasty picture.  Several mirrored websites with thousands of pre-hacked WordPress Themes ready to be downloaded by unsuspecting victims.

I can’t say with 100% certainty that this is 100% intentional, but all the evidence puts me at around 99.99% sure that these sites are intentionally offering pre-hacked WordPress Themes to unsuspecting victims.

BulletProof Security is not capable of stopping your website from being hacked if it is designed pre-hacked.  Meaning the Theme is already hacked right out of the box.  So BulletProof Security is not detecting an external threat because the hack is already built into the Theme itself.

There are too many WordPress Theme names to list since there appear to be thousands of pre-hacked Themes on these mirrored websites.  So be forewarned that if you downloaded a WordPress Theme from these websites you are probably downloading and installing a pre-hacked WordPress Theme with coding already in it that you do not want.  Unless of course you don’t mind having Viagra and other obnoxious spammy links on your website.  LOL

wpblogskins.com
wordpresstemplates.com
wordpressthemes2.com

These are just 3 of the mirrored sites and there appear to be many more.  The smarter approach is to check your WordPress Theme for the following things:

filenames:  theme_licence.php and start_template.php (which can be easily changed to something else again)

Check your WordPress Theme header.php file and sidebar.php files.  If you see code like this in these files then you have a pre-hacked WordPress Theme.

require_once("theme_licence.php"); eval(base64_decode($f1)); bloginfo('html_type'); 
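The check described above can be run over a whole theme folder before the Theme is activated. The following is an added example, not code from BulletProof Security or from the original post; the function names `scan_theme` and `build_sample_themes` and the sample theme files are constructed for illustration. Because the filenames can be changed, it also matches the `eval(base64_decode(` pattern on its own.

```python
import re
import tempfile
from pathlib import Path

# Indicators taken from the post. The filenames are easily changed,
# so the code patterns matter more than the names.
SUSPECT_FILENAMES = {"theme_licence.php", "start_template.php"}
SUSPECT_PATTERNS = {
    "eval-of-base64": re.compile(r"eval\s*\(\s*base64_decode\s*\(", re.I),
    "licence-include": re.compile(
        r"(?:require|include)(?:_once)?\s*\(?\s*['\"][^'\"]*"
        r"(?:theme_licence|start_template)\.php['\"]", re.I),
}

def scan_theme(theme_dir):
    """Return sorted (relative_path, finding) tuples for one theme directory."""
    findings = []
    root = Path(theme_dir)
    for path in root.rglob("*.php"):
        rel = path.relative_to(root).as_posix()
        if path.name.lower() in SUSPECT_FILENAMES:
            findings.append((rel, "suspect-filename"))
        text = path.read_text(encoding="utf-8", errors="replace")
        for label, pattern in SUSPECT_PATTERNS.items():
            if pattern.search(text):
                findings.append((rel, label))
    return sorted(findings)

def build_sample_themes(base):
    """Constructed sample data: one theme with the post's markers, one clean."""
    bad, good = Path(base, "bad-theme"), Path(base, "good-theme")
    bad.mkdir()
    good.mkdir()
    (bad / "header.php").write_text(
        '<?php require_once("theme_licence.php"); eval(base64_decode($f1)); ?>\n')
    (bad / "theme_licence.php").write_text('<?php $f1 = "PLACEHOLDER"; ?>\n')
    (bad / "index.php").write_text("<?php get_header(); ?>\n")
    (good / "header.php").write_text("<?php bloginfo('html_type'); ?>\n")
    return bad, good

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for theme in build_sample_themes(tmp):
            print(theme.name, scan_theme(theme) or "no indicators found")
```

A hit on `eval-of-base64` alone is a reason to read the file by hand, since the pattern is not limited to this one family of Themes.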

A note of caution:  If you are downloading a Free WordPress Theme from an individual website as opposed to downloading a Free WordPress Theme from WordPress.org you want to make sure that you check the Theme’s code for any suspicious coding.  When anyone submits a Free Theme to WordPress it is checked and approved by the WordPress folks before it is allowed to be listed in their Theme directory.  The same applies for Free WordPress Plugins – the coding is checked and approved by WordPress before they will list the plugin in their directory.

At some point BulletProof Security will include simple Alerting that will detect whether or not you have a pre-hacked WordPress Theme.

Free Flash Photo Galleries

Free Flash photo galleries add that extra zing to a website.  Besides being a great way to showcase your products and services, free Flash photo galleries can make an inviting professional statement about your website in general.  Static images tend to take up a lot of website real estate and can lead to a cluttered visual appearance.  Using old school jerky gif animations can have a negative impact on a website’s overall impression.  Javascript animations have nice animated transitions, but nothing is smoother than Flash animation.  A free Flash photo gallery can always be customized further if you have the Flash program.  If you do not have the Flash program then you should look for free flash photo galleries that use an XML file to load images and do searches with XML included in the search string such as “free Flash XML photo gallery”.

Free Flash Slideshow Photo Galleries – Traditional and Classic Flash Slideshow Galleries

Looking for a simple traditional free Flash photo gallery or free Flash Slideshow photo gallery?  The first two free Flash photo galleries are very nice traditional and classic free Flash Slideshow photo galleries.  These free Flash photo galleries use XML files to load photos externally, which means the Flash program is not needed to add your personal photos to these photo galleries.

Free Flash Photo Gallery (XML photo loading) by Flash Gallery

This is a very nice simple free Flash photo gallery that does not require the Flash program in order to load your photos.  Photos are loaded into this free Flash photo gallery using an XML file.

Free Flash Photo Gallery (XML photo loading) by Entheos

This is a very nice simple free Flash photo gallery that does not require the Flash program in order to load your photos.  Photos are loaded into this free Flash photo gallery using an XML file.

Free Advanced and Unusual Flash Photo Galleries – 3D Flash Cubes, 3D Flash Spheres, Photo Walls, Spinning, etc.

Looking for advanced and unusual free Flash photo galleries?  Traditional free Flash photo galleries work fine in most cases, but adding an advanced or unusual free Flash photo gallery like a 3D Flash Cube or 3D Flash Sphere can add that extra interest factor that will make your website more memorable to a website visitor.  It’s always a good thing to get website visitors.  It’s an even better thing to have website visitors return.  Choosing to use an unusual free Flash photo gallery should make logical sense with your website design and/or products and services.  If you are going for the more traditional style and look then you should probably stick to using a more traditional free Flash photo gallery.

Free 3D Spinning Flash Photo Gallery (XML photo loading) by Flash & Math

The free 3D Spinning Flash photo gallery is a very nice advanced free Flash photo gallery that does not require the Flash program in order to load your photos.  Photos are loaded into this free Flash photo gallery using 2 XML files.  One XML file is used to load the left column of photos and another XML file is used to load the right column of photos.

Free 3D Sphere Flash Photo Gallery (not XML photo loading) by Flash & Math

The free 3D Sphere Flash photo gallery is a very nice advanced free Flash photo gallery that does require the Flash program in order to load your photos.  Photos are imported into the Flash program in order for them to display in this free Flash photo gallery.  If you have the Flash program you can very easily add AS3 coding to this Flash photo gallery to make it an XML loading Flash Gallery.

Free 3D Cube Flash Photo Gallery (not XML photo loading) by Flash & Math

The free 3D Cube Flash photo gallery is a very nice advanced free Flash photo gallery that does require the Flash program in order to load your photos.  Photos are imported into the Flash program in order for them to display in this free Flash photo gallery.  If you have the Flash program you can very easily add AS3 coding to this Flash photo gallery to make it an XML loading Flash Gallery.