We’ve been using TimThumb in many scripts and WordPress plugins over the past years and it is actually a great script but there are several disadvantages to using it:
- There was a security vulnerability several versions back. Ever since, people have not trusted it, and many hosts unfortunately still have it on a block list, so it doesn’t work for everyone.
- Generating the cache is unstable and often causes problems due to permissions, different paths, etc. It wasn’t designed specifically for WordPress, so you have to generate the needed paths manually.
- The image source points directly to the timthumb.php script, and many hosting providers will block this with a 403 Forbidden due to security on the web server.
- Too many requests and TimThumb is actually slow.
There never was an alternative until recently when BFI Thumb was developed. We started switching some of our scripts and plugins over from TimThumb to BFI Thumb and it works a treat. Since we specialize in WordPress, it already does all the work for you as it was designed for WordPress specifically. It also makes use of the standard, conventional WordPress functions.