The perils of “nulled” WordPress themes

Having the largest ecosystem of any CMS ever, WordPress users have a lot of choice when it comes to themes. There’s thousands of open source offerings on WordPress.org as well as many more paid for ones on marketplaces such as Envato.

I recently wanted to assess the code quality of a few different paid themes before deciding on one to buy, so I downloaded some “not quit legitimate” copies from one of the many shady “nulled theme” sites, to run in a sandbox. Obviously you’d have to be a) quite immoral and b) an idiot to use such things in production, but I figured what’s the harm if the winning one’s going to be bought anyway.

After choosing the winner I thought I’d diff the two copies I had. Just how bad was the malware going to be?

Continue reading “The perils of “nulled” WordPress themes”


The best way to spider & download an entire website

There seem to be a lot of GUI tools out there that purportedly download entire websites. The last one of these I tried using was SiteSucker, which sucked pretty badly. What you really need is this:

run from the terminal. I put this here in the interests of me remembering all the options and hopefully someone else saving themselves so many boobless hours of crap applications that don’t work.

Continue reading “The best way to spider & download an entire website”