I really hate it when I need something done quickly so I jump on the web and find a (script, theme, plug-in, etc..) then install said file only to find out the author base64’d some random part of the code that added a bunch of branding and random author links all over my website. I’m pretty good about checking anything I recycle from other sites, but a lot of people miss this (bastard-like) behavior. Especially people who grab the freebie themes and plugins from WordPress’s themes and plugin’s manager.
In a worse case scenarios, some malicious attacks can be unknowingly attached to files encoded in this manner, like backdoors and sites hacks. In most cases it’s just an author who plasters ad-scripts and other unwanted crap in the footer of your site that is time wasting to get rid of.
So here is a way to stop that type of activity, even if you possibly miss a file that has some random base64 encoding in it:
Find your php.ini file and add these two lines, save it, and re-upload it.
disable_function = "base64_decode"
ini_set('base64_decode', 'Off');
Restart your server processes and anything encoded with base64 will no longer work on your server no matter what.
As a side note, remember, anytime you run into a situation where you download anything that has base64 encoded code in it, make sure and anonymously drop the author a note that includes the words “Fuck” and “You” somewhere in the body copy.