firefox.gif
office.gif
software.gif
windows.gif
sonyericsson.gif
wordpress.gif

How to Protect your Wordpress Theme Files

By Nirmal on December 28th, 2007

ADVERTISEMENTS

There are 1000s of Wordpress themes available for free download, but still you would like to have a unique theme for your blog or website. All you need is to modify or design a new theme based on an existing theme. Now what happens if someone steals your theme from your theme folder after all the hard work? One of my friends Arpit had problems with some people ripping off his beautiful theme, which he had made for his blog. So how to protect your blog theme?

By default everyone can view the theme folder in your blog (Wordpress). The navigation path is http://www.yourwebsite.com/wp-content/themes. If you have a zipped version of your theme in this folder, everyone can just download your theme by clicking the zip file. In order to protect your can do this simple step.

1. Create a HTML page, which has a message like “You are not authorized to view this page” or something similar to it. Here is an example.

not-authorized.gif

2. Save this file as Index.html and upload this file to your themes folder, by default wp-content/themes. Thats it.

Now if you navigate to the same path, this file is displayed and no one can access your theme files. Alternatively you can just remove all the zipped versions of your theme, so that no one can download it directly from your folder or change the permissions set on this folder.

Share & Enjoy
stumbleupon-48×48.png digg-48×48.png technorati-48×48.png feeds-48×48.png delicious-48×48.png

Enjoyed this post? Subscribe to Full Feeds or by Email and receive free daily updates on Technology, Internet, Blogging, Tips and Tricks.

Related Articles

Recommended by Life Rocks 2.0

18 Responses to “How to Protect your Wordpress Theme Files”

  		1.  Alfred
    Dec 28th, 2007 at 3:42 am

    Creating an html file can block access from the browser, but tools like getright browser will still show the files.

    I think you need to use the Index Manager in your cpanel and set the no index option for these directories.

  		2.  Techblissonline Dot Com
    Dec 28th, 2007 at 9:14 am

    i agree with alfred…

    or you can have this in robots.txt for all bots…

    Disallow: /wp-content/

  		3.  nirmaltv
    Dec 28th, 2007 at 10:14 am

    @Alfred,
    Thanks for the info. :smile:

    @Rajesh,
    Adding in robots.txt will only prevent search engines I guess.

  		4.  Arpit Jacob
    Dec 28th, 2007 at 11:12 am

    Thanks Nirmal . I haven’t yet down to doing this. haven’t got time because of Christmas.

  		5.  Techblissonline Dot Com
    Dec 28th, 2007 at 3:37 pm

    try it and see…even noindex is for search engines… :)

  		6.  Techblissonline Dot Com
    Dec 28th, 2007 at 3:39 pm

    you will have several such directories exposed and having an index.html for every directory is not the right way to do it…

  		7.  Vijay
    Dec 28th, 2007 at 8:54 pm

    I wonder who would be so careless as to store the zipped version in the theme dir! However, I ensure that my theme files are not accessible publicly! I am sure these tips can be useful to new users!

  		8.  Shivaranjan
    Dec 28th, 2007 at 8:58 pm

    Good tip that can prevent you from simple geeks but as alfred said hackers would be easily bypass this.

  		9.  Ronald
    Dec 28th, 2007 at 9:13 pm

    How if we set the .httaccess and addedd script like this : Options -Indexes ?

  		10.  Logesh
    Dec 28th, 2007 at 9:58 pm

    I think using the .htaccess file is the best way. Because, as alfred has said some download managers could look into the directories, and adding robots.txt file will only protects from the search engines and not from the visitors. So i highly recommend to use a .htaccess file :)

  		11.  Haris
    Dec 29th, 2007 at 12:43 am

    Can’t we CHMOD the folder and prevent anyone else from getting in it?

  		12.  nirmaltv
    Dec 29th, 2007 at 1:12 pm

    I feel from the comments above, writing a rule in .htaccess may be the best option.

  		13.  Ronald
    Dec 29th, 2007 at 3:41 pm

    I think to protect that directory, you can use a PHP script or .httaccess + .htpasswd file to prevent someone else download your themes/plugins.

  		14.  Garry Conn
    Jan 3rd, 2008 at 12:57 pm

    This will thwart the attempts from many… but most people are after your CSS. They can get the rest of what is needed just by right clicking and viewing source and capturing your div tags and etc… The ultimate way to prevent theme theft is to figure out a way to prevent people from gaining access to your CSS.

  		15.  nirmaltv
    Jan 3rd, 2008 at 2:31 pm

    @Garry,
    I agree with you, there should be some way to prevent access to CSS files.

  		16.  Garry Conn
    Jan 3rd, 2008 at 2:52 pm

    Unfortunately, I don’t see how it is possible. Bloggers are all about having machine readable content. And unfortunately, bloggers are all about having this machine readable content looking pretty. CSS is nothing more than making regular text look styled and pretty.

    For bloggers that didn’t care about search engines and having their content machine readable, I wonder if it is possible to create a WordPress site written in Javascript?

  		17.  EvoWRZ
    Aug 17th, 2008 at 11:19 pm

    Thanks for the tip, i did it in my blog.

    18. Trackbacks to this post

  18. How to protect your web directories | Technology Bites
    Dec 28th, 2007 at 4:59 am

Leave a Reply

« Google Apps for Your Domain gets New features MS Office Tip: Stay Compatible with Compatibility Checker »