How can I tell if a free template contains malware

by toomanyairmiles   Last Updated September 07, 2019 09:10 AM

I recently came across a site giving away good quality themes for free - but once downloaded it turned out that all the themes contained poorly concealed malware. Thankfully on this occasion my anti-virus picked it up.

What are the common signs that a theme might contain malware, are there any obvious or well known tricks that I should be aware of?



Answers 3


Since you're looking for free templates I assume you're not looking to spend extra, but mysites.guru (formerly myjoomla.com) has excellent security scanning.

The details of what you're looking for:

  • start with looking for any inserted iframes.
  • Then look for any php files that are not the index.php or component.php, etc layout files..and if you see anything besides Joomla classes in them, they may be serving the malware.

Now, a commercial template will have several supplemental php files, so not all additional php files are bad, of course.

The biggest "gotcha" though is the iframe.

Toni Marie
Toni Marie
April 30, 2014 18:25 PM

Perhaps there is only one safe answer - only download direct from the original creator and preferably from a well known template house. Most of the commercial template devs do at least one free template. Do your research on the creator as much as the template ;)

Hils Cheyne
Hils Cheyne
April 30, 2014 21:38 PM

I would always favour any free software (not just Joomla templates) that is available, and easily scrutinised, on Github.

As Hils rightly points out, never ever download a template from any other provider than the creator, it's almost guaranteed that you'll get a dose of digital pox that way.

Seth Warburton
Seth Warburton
May 01, 2014 08:25 AM

Related Questions


Updated April 10, 2015 19:04 PM

Updated January 29, 2017 14:04 PM

Updated February 16, 2016 00:16 AM

Updated April 25, 2015 21:04 PM

Updated July 01, 2016 08:04 AM