Be careful what plugins you install! | Boagworld - Web & Digital Advice

Web & Digital Advice

Digital and web advice from Headscape and the addled brain of Paul Boag... tell me more

Nils Fearons Posted by: Nils Fearons On Wednesday, 28th November, 2012
Development Question & Answers:
The estimated time to read this article is 2 minutes

So your site has harmful code somewhere in the depths of its files and you don’t know where to start. I haven’t seen your site but my guess is it has some really cool features in there like a slideshow or a fancy menu of some description that uses JQuery/JavaScript.

Now this is a really exciting time to be involved in web and there are so many developers writing off the shelf tools that can be added to our site, most of these tools come as a package with some image files, CSS files, JavaScript files, this is great as we can just cut and paste them in to our directories blindly link them up in the header and bingo its working, we don’t need to worry about it anymore.

Or do we? Most of the add-ons, poly fills and plugins that we use have been made by responsible designers and don’t contain anything harmful, the problem is we take this for grated and there are people out there that do write malicious code.

How do we fix this? Well you could try cleaning the code yourself. My guess is there may be something in the head of a CSS file or JavaScript file when the developer has written there declaration, this will be commented out and really easy to remove. If that does not work then it probably written in to the code, this will be really easy to spot in the CSS but if like me you don’t know enough about JavaScript to start removing chunks of code then you may be in trouble. Another thing you could try is to update all of your scripts, if it comes with jQuery then delete the file and download it again from the official site this will ensure you have the latest copy free from malicious mark up.

The bottom line is as front end developer we should know what we are putting in to our websites only when we know and understand can we start to fix the problem, I’m not saying everyone should know every coding language inside out but just a quick scan of the file you are adding in to the site should prevent the addition of anything untoward. If after you have done this you are still having problems then it may be wise to look somewhere else for that cool plug in or extension.

Computer Program image comes from

Become a web expert with our newsletter

Receive invaluable advice every three weeks and get two free video presentations for subscribing. You can unsubscribe in one click.

Blog Updates

You can follow all my posts by subscribing to my RSS feed or signing up to my email newsletter above.

Podcast Updates

Subscribe to the podcast via itunes or RSS. You can also subscribe to my quick tips via itunes and RSS too.

Social Updates

I am completely addicted to Twitter so try following me there. I also have a Facebook page which contains considerably less waffle.


Boagworld is a community, not just the voice of one blogger. You've read the post, now its time to get involved.