Tac wordpress plugin. Theme Authenticity Checker (TAC) plugin: checking the template for unnecessary links. What is this plugin and what is it for?

Let's start with a small digression.

It's no secret that most WordPress template developers embed links to their website into their creations. This can be said to be a fee for using a free template - and it’s good for you and for him.

However sometimes unscrupulous template creators(and often translators or even those simply unrelated to the creation of the radish template who have posted the template for download :) embed their advertising links in large quantities, which can’t make you happy.

In my template, for example, there were 6 such links! At the same time, there was protection against deleting these links and even editing. Otherwise, the template simply stopped working, so I had to work hard to solve this problem) But that’s another topic.

Also in such templates may include malicious code, which is also not good.

In general, I think you understand that not all yogurt templates are equally useful :)

So the plugin is in a hurry to help us.

What does Theme Authenticity Checker (TAC) plugin do?

It checks themes for the presence of malicious code, links, and encrypted code.

After installing the plugin, a TAC button appears in the Design section.

Click it and a screen will open with the results of checking your themes.

My themes were without encrypted codes, so I am attaching a screenshot from the office. WordPress site

If you see a red inscription in your topics that an encrypted code has been detected, or the number of links is too large, then it is better not to contact it, but look for some other one. Or download the template from the official website and check it - as a rule, there should be no unpleasant surprises, but in this case you will have to translate it yourself.

Hello dear readers! This is the second day I’ve been snowboarding in Khibiny, it’s snowy, sunny and very cool! Read the details at the end of the report.

If you have decided to create your blog on WordPress and are looking for a suitable theme, then my post today is for you. But for those who are already familiar with WordPress, it will be useful to familiarize yourself with the information in this review. We will talk about the TAC (Theme Authenticity Checker) plugin. It provides template checking for links that may be embedded in the theme you download.

What is TAC for?

This problem may be encountered by those who downloaded the theme not from the official WordPress website - wordpress.org/themes, but from other third-party sources. Such templates can include links that are hidden to you but open to search engine indexing. And extra links, i.e. not just those that lead to the developers’ site, but spam ones that litter your site, no one needs. This is where the TAC plugin for WordPress comes to our rescue.

It is very easy to use and its only function is to find coded or regular static links in the topic. They are usually placed in the footer or sidebar.

Working with the TAC plugin: removing static links

You can download Theme Authenticity Checker from the official website - wordpress.org/plugins/tac, or find it in the search for the plugin installation section.

After installation, activate it and find it in the admin panel ( Appearance– TAC). It automatically detects whether everything is ok with your theme. The picture below is one example of what the TAC plugin can show for a WordPress theme.

In this case, we see that he determined that everything is OK with the topic. However, there are 3 static links, which can be viewed by clicking "Details".

As you can see, TAC has determined in which part of the template the links are located - in footer.php. From there we have to remove them.

Before you start deleting, be sure to do this.

After you have made a backup, go to the footer.php file, find all the links listed above and remove them from a> to .

Then you check how the site works. If suddenly you cannot log into the admin area, this means that restrictions on deleting these links have been introduced in the functions.php file. In this case, replace the modified template files with the ones you previously saved. Go to the functions.php file and find the following line there: vs (fgecbf ($p,$y)==0. In it you need to replace 0 with 1. After that, delete the links again.

How to get rid of the encrypted code?

The second type of message that TAS can show is “ " Here's an example:

In this case, in addition to the static link, there is also an encrypted code using the base64 method. The picture shows that it is located in the sidebar. Line 89 – indicates the line number where the code is located. But in order to delete it, you first need to decrypt it. You can try to delete it immediately, but it may still contain the elements you need.

Find the code in the sidebar.php file by line number (in your case it may also be in footer.php). It might look something like this:

Copy this entire set of letters and numbers. To decrypt it you will need a special service. Here is one of them: base64-encoder-online.waraxe.us

Paste the code into the empty field and click “Decode data”:

The service converts the encrypted code into the one we are familiar with. In it you need to find those parts that are responsible for displaying the link (a href). Now we see the usual static code, which we find in the sidebar file and, by analogy with the method described above, delete it.

After that, check the theme again using the TAC plugin. Ideally it should show "Theme OK!" and lack of static links.

At this point, work with this plugin is completed, and it needs to be deactivated, or better yet, deleted so as not to store unnecessary garbage.

Watch the video about the plugin if you have any questions:

The second way to check a template for links

It happens that the plugin does not find all the links. Therefore, I recommend looking at the code with your eyes again. In your browser, click right click mouse by work area and select " Source code" (V different browsers name may vary). Use your eyes to look through the html code of your site for the presence external links. You can use the search (Ctrl+F) by entering in the field<а и просмотрев все найденные ссылки.

P.S. This year six of us gathered for skiing in the Khibiny Mountains. We rent a three-room apartment for 400 rubles. per day per person near the city slope. We spend the whole day riding on different trails, and in the evenings we have fun at home. Today I decided to temporarily exchange my snowboard for skis, took them from a friend and started learning. Check out the photos:

So the wind covered the booth on the top of the mountain with snow:

I come back from the gurney exhausted, so I don’t have time to deal with the questions in the comments yet. I wish you snowy winters too, bye!

Today we will get acquainted with a very useful plugin TAC (Theme Authenticity Checker). What is the TAC plugin for? To save time and automatically detect harmful code and external links in WordPress themes (templates).

We all don't mind downloading our favorite free theme from time to time. We type in the search engine - download wordpress templates. And countless resources open to your eyes, teeming with templates for every taste and theme.

We downloaded the theme, installed it and didn’t even suspect that the “new tenant” was full of “fleas” and needed cleaning. Downloaded themes should be checked for malicious code and external links. And sometimes this “good” is enough in them. Doing this manually is quite tedious. Imagine you need to dig through a bunch of code and manage not to delete the necessary part of it. Funny? Anyone who tried to do it manually will say - NO! The SO plugin scans all downloaded themes and provides complete information for the presence of harmful code and external links.

Step 1. Plugin TAC (TAK). Unpack the downloaded archive.

Step 2. Place the folder with the plugin here: ../wp-content/plugins/

Step 3. and activate the plugin.

Step 4. After activation, look for it in the tab "Appearance", rice. 1

Step 5. For example, I downloaded the template "Urban-Lights". The template turned out to have “fleas” rice. 2

Click on the button "Details" and you will see everything that we need to get rid of. In my case, these are six external links.

Five of them are on file footer.php, as suggested by the inscription wp-content/themes/Urban-Lights/Urban-Lights/ footer.php and another one lurking in the file sidebar1.php, as evidenced by the inscription wp-content/themes/Urban-Lights/Urban-Lights/ sidebar1.php , rice. 3(image active)

Step 6. To clear the topic and not touch the rest of the code, you should use a text editor with search and it’s good if it has syntax highlighting. I use the editor with syntax highlighting Notepad++. In the article you can read where to download it, how to install and use it.

Having opened the necessary files in the editor, in my case these are the files footer.php and sidebar1.php, let's start cleaning the theme. To do this, copy from "Details" line of code and paste it into the editor search. Notepad will show the element you are looking for, and all we have to do is carefully delete it. Next, using the same scheme, we find and delete the lines one by one. So until you find and delete everything in “Details”.

The Theme Authenticity Checker (TAC) plugin helps you find and remove external links and malicious codes in your WordPress theme. You should always do this check before installing a new theme. Now we will try to implement it.

Working with the Theme Authenticity Checker (TAC) plugin

Download TAC ( Theme Authenticity Checker) is available for free in the official WordPress directory. After activation, go to the menu “ External view d" -> " TAC».

Here you can find all the information about installed themes registration To view security warnings, click on the " Details" It will be located next to the topic you need.

I have several themes installed as an example. Now we will look at them.

Safe themes

Topics with a green square are indicated as safe. That is, no malicious code or external links were found in them.

Unfortunately, you won’t find such completely safe themes. If only except for the standard WordPress theme.

So, if you don’t want to waste time, you can install the standard option. It is installed by default in the CMS itself.

It is worth saying that the TAC plugin is not the most suitable solution for searching for malicious code on a website. Not only does it scan only topics, but it cannot find all vulnerabilities. Finds only the most common ones.

Therefore, if you use it, then only as a preliminary quick check. However, more advanced malware scanners are needed for a thorough analysis.

Topics with external links

Topics may appear at the same time as a green square " Theme Ok!» (1) and with a white square “Statik Link(s) Found...” (2) . With this action, the TAC plugin says that this topic is safe for us. But it contains several external links.

Theme Authenticity Checker plugin shows external links in the theme

As an example, we will consider the standard classical WordPress theme with the title " Default».

So, my plugin found several external links in it (4) .

Look carefully!

The plugin gives us those lines (3) that need to be deleted. In my case, this is from the opening tag and closing tag.

On the right side (5) we can find out in which files these lines are written. In my case, this is the footer.php and sidebar.php file.

Now I need to go into the editor and find my theme. Go to required file, find and delete that line (3) , which was highlighted by the TAC plugin.

Dangerous topics

And finally, there is a third type of topic that carries a much more hidden threat. As an example, I chose one attractive option that I downloaded from the Internet.

After checking, the TAC plugin for WordPress highlighted this topic with a special red square (6). This means that this option contains malicious codes that can cause significant harm to the site.

With the help of such encrypted codes, it will be easier for attackers to hack your website or blog. Therefore, I recommend avoiding such topics and not using them on your project.

The figure shows that the plugin displays these codes in red.

Unfortunately, it does not display the entire code, but only the beginning of it. The plugin encloses the encrypted code in quotes. Marked with a black line in the figure.

If you decide to delete such encrypted codes, be sure to do backup copy site. It’s not a fact that after removal, the project will work normally.

When you have checked the theme for malicious code and external links, and everything has been fixed, you can remove the TAC plugin.

You won't need it anymore.

Greetings, dear friends, colleagues, ladies and gentlemen! Today we'll talk about very plugin TAC) which means " topic check for authenticity." The TAC plugin is designed to scan the source files of the template (theme) for the presence of extraneous, malicious, as well as encoded links. To put it simply, it looks for hidden links in the theme WordPress.

As a rule, each template contains links to the author’s website, they are visible to the naked eye, everything is fair here: you free template, give him a return link. But there are such penguins (not good people), which encode the links and insert them into the template. When you try to delete them, the blog template simply breaks or stops working. Thus, such bastards make money from this by offering to remove them for a certain amount. Others promote their sites (shit sites) in this way by increasing their numbers, and if the link leads to a bad resource, then your blog may suffer. Do you need this? Of course not. In order to check installed themes to external links, you must install the TAC module.

How to install the Theme Authenticity Checker (TAC) plugin

The plugin is installed through the admin panel of your blog, in the Plugins - Add new section. In the search box, paste the name Theme Authenticity Checker (TAC) and press search:

Search Theme Authenticity Checker (TAC)

Then, on the page that opens, click “Install”. After installation, do not forget to activate it:

Install the Tac plugin and activate it

How to use the TAC plugin

Go to the Appearance section and click on the TAC subsection:

Click on TAC

One click and your installed templates will appear in front of you. If everything is in order with the themes, then the picture will be like this:

Themes are ok

You can sleep peacefully, everything is fine with the templates. If this appears:

There is nothing scary about this either. These are static links. They can link to the author's Twitter or RSS feed. You can easily remove them. To find out about them in detail, click on the Details button and the plugin will display (as in the screenshot above) the entire link and where they are located in the template. Now we have come to the most unpleasant moment, this is when a red warning appears next to the topic:

Encoded code in theme

This means that the theme has an encoded link (base64_decode). The plugin will provide detailed information: path to the theme file, line number and a small fragment of suspicious code. For beginners, it is better to get rid of such a template and no longer download them on a site where such bad things happen. My advice to you: use themes from the official WordPress.org website, there are thousands of them. But if you really like the template and there are encoded links, then you can try to decode them. Read how to do this in the following articles.

All the best. Good luck and always check with the TAC plugin. Protect yourself from trouble.

(function(w, d, n, s, t) ( w[n] = w[n] || ; w[n].push(function() ( Ya.Context.AdvManager.render(( blockId: "R-A -292864-4", renderTo: "yandex_rtb_R-A-292864-4", async: true )); )); t = d.getElementsByTagName("script"); s = d.createElement("script"); s .type = "text/javascript"; s.src = "//an.yandex.ru/system/context.js"; s.async = true; , this.document, "yandexContextAsyncCallbacks");