We love digital

Call 0845 485 1219

We love digital - Call and say hello - Mon - Fri, 9am - 5pm

Free WordPress Themes – All Bad for SEO?

Michael Rolfe

by Michael Rolfe on 28th October 2011

Need a free wordpress theme? Whatever you do, don’t Google ‘free wordpress themes’ and start browsing  for something pretty – unless you are looking for an exploited theme that has a good chance of getting your domain penalised.  Here’s the shocking truth:WordPress themes are created by others to allow you to change the look and feel of your website to suit your business.  These can then be used as a photography site, a student magazine or an email capture sales page.  The danger is that some people are creating malicious themes, and it is these providers that are dominating the top of the Google results pages for terms like ‘free WordPress themes’.

How bad is it?
Recent research by Siobhan McKeown shows that of the top 10 organic Google results, 1 was safe, 1 was suspect and 8 had obfuscated encoding to hide extra code the theme providers don’t want you to see -  that’s 9 out of 10 results that you can’t trust!

Why can’t you trust them?

8 of the sites contaminated a bunch of gibberish looking characters which was base64 encoding.  While it looks meaningless, this gibberish is reassembled in to code when ran, creating hidden links to bad neighbourhoods, installing scripts and bots on to your WordPress installation or hacking in to the server your WordPress blog is installed on.

With so many good looking themes available online for ‘free’, it is disheartening to learn that it may not be the cheapest option in the long run – hosting malware or even linking to bad websites can get your site penalised or even de-indexed by Google and other search engines.  What would you do if you lost 90% of your organic traffic next week?  The one result you can trust is the official WordPress themes repository.  These themes are checked for suspect code and also to be compliant with the latest web standards to help ensure compatibility, security and end-user usability.

There are also many premium theme suppliers who have a vested interest in supplying quality themes to their user base and building up a strong reputation.  It should be fair to say that many premium theme providers have solid reputations and excellent products, but also that paying for a theme is by itself, no guarantee of a clean, friendly product.

What if you’ve already installed free WordPress themes?
If you already have free themes installed that you feel you should check over, the Theme Authenticity Checker Plugin could be useful for you (N.B. – they have a plugin checker too).  In the end, WordPress is a free platform, so paying a little more for a premium theme with ongoing support to prevent against future security weaknesses, or ‘limiting yourself to the pre-approved WordPress.org selection of over 1,400 themes shouldn’t be too tall an order, as tempting as those free WordPress themes might instinctively appear…

Doesn’t Google penalise sites that host malware?
Google does – it’s a bad user experience, however visiting the free theme providers on the first page of the Goolge SERPs does not infect your machine with malware.  Downloading the themes will not show up as malware either usually.  It is only when the themes are installed do the threats usually become prominent.  It could be argued that Google penalise other indirect badware providers and should step in here, but where do they draw the line?  It’s a grey area right now so the best advice to protect yourself and stay knowledgable.  And if your site/server is trying to infect others with malware, you could well find your site penalised or de-indexed.

Free WordPress themes installed from reputable looking sites  may be ruining your SEO efforts,  exploiting your server or infecting machines with malware without you even knowing it.  Only use WordPress.org approved themes, premium themes you trust or themes you have scanned for hidden links, obfuscated code and security threats and are happy to base your business on.

Michael Rolfe

Michael Rolfe

Michael has been earning a living online and winning awards for it since 2005. Projects include launching an affiliate network, database driven comparison websites, and Wordpress education seminars as well as devising and implementing the online marketing strategy for a listed blue-chip organisation.


  • Jim Seward 28th October 2011

    Great post, I’ve downloaded that plugin to check my themes as a couple had been modified from freebies….All ok thankfully.

    Worth mentioning artisteer as a quick simple way to make fairly attractive wordpress (and joomla/drupal etc) themes quickly with no coding knowledge

    Reply to this comment

    • Michael Rolfe

      Michael 28th October 2011

      Hi Jim, thanks for commenting. I have used Artisteer on a personal myself and it does offer a way to generate themes without coding knowledge. I would add that running the Theme Check and Exploit Scanner plugins on some Artisteer themese of mine, they did come up with some errors – not malicious – by enough errors that they would be disallowed entry in to the official WordPress themes repository – should they ever be put forward for consideration.

      I imagine most users wouldn’t be creating generated themes specifically for inclusion, but if a plugin can scan the code and find deprecated code etc, maybe search engines can too. I wouldn’t say that sites with coding errors can’t rank but going forward it must be best practice to run clean code.

      Theme generators could be useful – I would advise to scan and edit them if required. Thanks for your contribution Jim!

      Reply to this comment

  • Chris Jones 20th November 2011

    Michael thanks for the useful information. I have used Artisteer and love it because I can make the theme the way I want it. I will have to check into the free themes on WordPress now as you definitively made me think twice about using some of the themes I have.

    Reply to this comment

  • Michael Rolfe 21st November 2011

    Hi Chris,

    Absolutely – there are many theme generators available and they can be very useful. It’s nice to have themes from WordPress.org as you can feel they have been vetted to some degree, and it’s nice to have the knowledge that you need to be vigilant in either case and that you have an idea of what to look out for. Clean themes may still get compromised if you have an attack on your site and an understanding of some of these issues can again help you stay aware. Thanks for your contribution Chris!

    Reply to this comment

  • Ambrose Mugwump 2nd March 2012

    Good advice. For months I’ve been wondering if Graphene is responsible for my low traffic, now thanks to TAC i know it’s all my fault instead!

    Reply to this comment

  • Michael Rolfe 2nd March 2012

    Thanks Ambrose – Keep learning and developing your site – there is always more to learn or more to do online… who knows how high your traffic could get!

    Reply to this comment

Subscribe To The Koozai Blog