How to Spot a Rogue or Subpar WordPress Theme

Charles Costa
Charles Costa

Choosing a theme for your WordPress website can be a challenge for even the most experienced developers and designers because aside from the code being increasingly complex, with paid designs, purchases often are as-is. With responsive capabilities being a crucial element of most designs today, it is important to ensure that the themes you purchase don’t fall victim to responsive web design pitfalls.

Fortunately by following a few common sense precautions, you can reduce the chances of downloading a theme which can pose a threat to your website.

Simple Ways to Validate Your Themes Code

Since going through a themes code by hand is a tedious task most professionals don’t have time to do, validation tools such as the W3C Markup Validator allow you to check the markup validity of a site with only a few clicks. To validate the themes you plan to purchase, simply point the validator to the live demo page and then check the results.

W3C Markup Validator

In general you shouldn’t worry too much about warnings the theme triggers. Rather you should be focused on markup errors since those typically have a significant impact on your site operations. Once you check the markup of your theme, you should also run the W3C CSS Validator to ensure that the CSS in your desired theme follows coding best practices.

W3C CSS Validator

If you’re looking for a more thorough way to ensure the themes you have are compliant with web design best practices, you can use to see a thorough validation score simply by uploading the package to your website. Although this method requires you to have the theme files on hand, the ThemeCheck website lists a wealth of theme ratings on their homepage. This can allow you to pull up a themes score if you have the name. is open sourced with the code available on Github and it technically is a fork of the Theme-Check plugin which is mentioned below.

Theme Check

If you want to take your verification a step further, there are tools which allow you to check your WordPress themes after they are installed on your server. While this step isn’t ideal for themes you need to verify in advance, it is a helpful safety layer for free themes. Theme-Check is a plugin which allows you to test your WordPress theme and ensure it is compliant with the latest WordPress theme review standards.

To use Theme-Check, you simply run the tests through your WordPress admin panel. The results are shown at once, and the results also are saved to a log which can be helpful if you are a theme developer.

Another useful tool to ensure your WordPress themes are compliant with theming best practices is the Theme Authenticity Checker (TAC) which is a tool focused on finding malware hidden within themes.

Theme Authenticity Checker

Although we’ll discuss how to find quality paid themes shortly, it’s important to note that some free themes contain malware or spam links as a way for the developer to generate revenue. While not all free designs are dangerous, it never hurts to be safe when it comes to ensuring your website is free of malware.

Although a different topic, while you are verifying your themes for malware, you should know how to protect yourself from rogue plugins.

Sticking with Trusted WordPress Theme Sellers

Although there’s no shortage of theme developers on the web, you can help to protect the integrity of your websites by only purchasing themes from reputable sellers. If you’re looking for a wide selection of themes, ThemeForest and MojoThemes are two of the largest template vendors on the web. While they are a marketplace with many sellers, they offer a feedback system so you can see whether a seller has a proven track record.

Other WordPress theme vendors worth considering include:

There are many other reputable sites on the web, so the previously mentioned names are far from a comprehensive list.

If for some reason you need to choose a free WordPress theme, it’s usually best to stick with themes you find mentioned on major blogs and reputable sites. When possible, avoid downloading themes from random websites, and of course avoid nulled themes at all costs. For those unfamiliar with the term, a ‘nulled theme’ is a premium theme which has the copy protection removed. Nulled code is illegal to use, and almost always will have modifications to give attackers access to your website.

When in Doubt, Use Google

When you’re in a situation where you aren’t sure if a theme creator is legitimate, it never hurts to Google the creators company name to see if they have a negative online presence. This can be a valuable tool for marketplaces and standalone theme retailers as it allows you to gather insights which might not originally be apparent. Although this method is far from foolproof, it still is an effective way to bring another perspective to your theme purchasing.