Hello,
I am considering buying a template on envatomarket to propose it to a client but I have some questions first concerning the template security and viability.
How do I know that the templates are secure, and that they will continue to be updated in some years’ time? Will they remain compatible with the latest Wordpress update?
Are they compatible with the Divi or Elementor page builders?
My priorities are long-term security and the continued existence of my sites over several years. I wonder how the envatomarket templates compare to the use of the bigger theme frameworks such as Divi, Elementor or Genesis in terms of site longevity and security.
Is it recommended to use such templates for the creation of Internet sites for my clients?
Many thanks in advance.
-
Themes are more like complete websites whereas Divi and Elementor are more the building blocks used to create these.
-
Some themes use Elementor but not really Divi. WP Bakery is another popular plugin builder.
-
Themes are tested by envato to ensure they meet the standards so should be secure etc. (although this can be impacted by numerous things beyond the theme itself)
-
Updates are not guaranteed although bigger authors tend to keep their themes up to date.
-
I believe that a huge % of freelancers use themes from here for client work.
In a nutshell, Themeforest offers a great solution. However, anyone posing as a service provider to clients for their websites should be willing to take a degree of responsibility for the project.
If you go with established authors then you minimize the threat of issues, however, given the price of, in many cases, a pro-level complete websites that would cost tens of thousands of $ from an agency, it’s not right for anyone to get guaranteed assurance for years to come
Unfortunately, if your clients want to cut corners then there will inevitably be a risk. As long as you are upfront with clients that you are using a 3rd party template/theme then they are more likely to be understanding if problems do arise.
Hi
Regarding security, all themes are secure because are verified by envato before aprouve.
Ex now envato send to all authors to make their themes secure and high secure using new functionality.
Some authors made, some others not.
We choose to make our themes secure so we recive a badge for our profile.
You can check this badge on author profile and you will now that all his themes are updated and secure.
Cheers
Many thanks for your clear and detailed response
Hi… looking for the security on the site this post… specially this comment come to my attention.
I believe in this specific case described in my post here describes a very critical flaw, as much as failing your vetting process
to summarise the case, a theme after installing demo content is having a request for admin email change. No okay for the type of business we are managing here: online sites!!!
@payothemes valuable information you are sharing here… unfortunately, I couldn’t easily find this security badge if any (here the existing badges), only the one for hacker which is about envato security site improvement, but nothing related to a product/author being properly secure.
Hope this post goes to the right direction, which is to improve security for all of us
There are a few points here, and I am treating it as a power buyer perspective, and not a MOD or author.
-
Your other post and situation. While I do appreciate the concern this would cause - I also think it is a rare occurrence. It’s not an excuse but there will inevitably be a few cases which slip through the net with themes that are not owned or developed by envato themselves and tens of thousands of submissions every month. We’ve purchased well into the thousands of files and have never come across that before and looks like an error in judgement when exporting the demo content.
-
Generally Envato are constantly updating all efforts to improve consistency of products sold on the marketplace (naturally there will always be differences between different authors/teams)
-
In the interests of fairness (and not aimed specifically at anyone) assessing envato themes based on offering long-term updates, support, lifespan etc. is flawed - even if someone went to top tier agency to have a custom solution hand coded there would not be continued support and updates without some form of retainer cost or further investment. This would be a completely different model of envato and comes with a ton of complex considerations, but as things stand, numerous authors do build with longevity in mind, but it’s not a criteria to base a view of envato as a whole upon.
-
If a buyer/client/user wants to benefit from the low low prices of using stock theme then they cannot expect the same level of outcome as a custom solution which would cost tens of thousands more
-
The idea of client work and where responsibility sits. Again not aimed at anyone person. If a user is adopting envato themes (or any other item) for 'client work then they take the responsibility of doing so and making that decision. Any issue cannot be held against an author or envato, even when problems occur due to bad practice. Hopefully they are honest with clients and explain that they are using third party code/design and therefore justifying any unexpected delays or supplementary costs involved.
-
Following on from the point of responsibility - there are a ton of things which can impact the security and longevity of websites e.g. crappy shared hosting, adopting of more plugins, and so on. Yes, bad practice behaviours with themes can certainly contribute, and I don’t think anyone aims to try and dodge that fact, just reiterating the importance of so many other things far beyond envato’s control
Again It’s not good that you found areas for concern, however, I do think that it is important to consider the bigger picture beyond what I am certain is a rarity.
thanks you very much @charlie4282 I find very proper and on the point your comments.
so… point taken.
now… what the procedure it is to report such a security issue and suggestion for improvements? e.g Security badge that certificates that author follow to the best envato guidances when it comes to security issues.
again, and as you described, no aiming at anyone (so people got a bit over sensitive 
) you understand that this is a very critical security issue that needs to be taken care of. Again, it might be that that author didn’t intend any hurt, and yet the issue is there.
My apologies if the initial comments/post appears to be pointing fingers… I just want community to improve since it benefits us all.
You can always share thoughts and ideas with envato directly here Envato Market Help and Support