I’m sorry, but I’ve closed this showcase as I did on my Beast-Blog theme for a number of reasons. Here’s why:
- It’s too difficult to keep current.
- I don’t have the time.
- It can get out of date fast.
- Hackers can use the list to find you.
Anyone can download this theme. Thus the file names and structure are known. Like other themes, file security — being files are system writable (666) so you can edit them in the Theme Editor — is dependant on your server’s security. If you have directories for Uploading set to 777 (-rwx-rwx-rwx-), as WordPress [ill]advises, and as they must be to make WP uploading possible, you are vulneranble as hackers can become part of your server group. Once in, they have the same rights WP does. Changing you files to 644 is not the fix (it’s a bandaid). The fix is to reset any 777 directories to 755 as they should be to be safe. By removing the showcase, I am not pointing out who is using the theme and its file structure so hackers’ CHMOD-listening ‘bots can’t go from site to site using my list looking for vulnerable directories you may have. If I don’t have a list of sites, they can still find you, but they can’t use my list to do it. My advice in all instances: Secure your directories! Don’t count on not being found! 777 is NOT safe!