Is Base64 Code Bad For You?

Writing by Nick Stamoulis on Monday, October 19, 2009 Comments (2)

Base64 code derives its name from the fact that it uses only 64 characters. MIME-based (Multipurpose Internet Mail Extensions), Base64 uses only A-Z, a-z, 0-9 and the “+” and “/” symbols. That’s 64 characters, hence the name.

In and of itself, Base64 is not bad. It has its practical uses. One of its widest applications is in embedding binary files such as images within scripts. This allows a coder to include the photo on the page rather than in an external file. It is also used to store passwords for encryption.

The problem with Base64 encoding is its strengths are also its weaknesses. Because it is useful in obfuscating passwords and embedding binary files within scripts, it is easy for spammers and malware distributors to use as well. In fact, this is often precisely what they do. And they do from within your WordPress themes. Some WordPress developers have figured out that they can use Base64 to embed a delayed script within the footer of your WordPress theme that is activated once so many downloads of that theme have been distributed. Then, you have a malware problem.

Other theme developers sell links that are placed within WordPress theme footers. You can’t see them because they stored inside a Base64 encoding string. It looks like one link to the naked eye, but in reality it could be linking to half a dozen or more websites. Even if those sites are all good and pose no threats, it’s still not something you want to do, right?

Well, there is a solution to this problem. You can download the Theme Authenticity Checker for WordPress and detect these Base64 strings that link to sites you do not want to endorse. You can then either delete those links from your blog’s footer or find a new theme. Either way, you rid yourself of unwanted Base64 code.

Comments (2)                      Category: Webmaster Tools                      

Read similar posts in Webmaster Tools

2 Comments

Comment by Tanya

Made Tuesday, 3 of November , 2009 at 9:25 pm

Thanks for this information regarding Base64 Code. I was aware of this type of bad link strategies, yet, not certain about the code underlying the issue. I am happy I discovered your blog post.

Comment by Nick Stamoulis

Made Tuesday, 3 of November , 2009 at 11:05 pm

Hi Tanya,
Thanks for reading and glad I could help!
Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Search Engine Optimization Journal is an SEO Blog that discusses Search Engine Marketing, Search Engine Ranking and Positioning for the new and advanced reader.