Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
IT Technology

WordPress.org Denies Service To WP Engine (theregister.com) 70

WordPress has escalated its feud with WP Engine, a hosting provider, by blocking the latter's servers from accessing WordPress.org resources -- and therefore from potentially vital software updates. From a report: WordPress is an open source CMS which is extensible using plugins. Its home is WordPress.org, which also hosts resources such as themes and plugins for the CMS. A vast ecosystem of plugins exists from numerous suppliers, but WordPress.org is the main source. Many WordPress users rely on several plugins. Preventing WP Engine users from accessing plugin updates is therefore serious, as it could mean users can't update plugins that have security issues, or other fixes.

WordPress co-founder and CEO Matt Mullenweg recently called WP Engine a "cancer" and accused it of profiting from WordPress without contributing to development of the CMS. Mullenweg has sought to have WP Engine pay trademark license fees -- a move he feels would represent a financial contribution commensurate with the benefits it derives from the project. WP Engine doesn't want or intend to pay. Mullenweg argued that if WP Engine won't pay, it should not be able to benefit from resources at WordPress.org.

This discussion has been archived. No new comments can be posted.

WordPress.org Denies Service To WP Engine

Comments Filter:
  • can they use the DMCA? And if so can end users get the strikes?

  • The actual issue (Score:5, Informative)

    by donaggie03 ( 769758 ) <d_osmeyer@nospAm.hotmail.com> on Thursday September 26, 2024 @09:26AM (#64818991)
    "WP Engine wants to control your WordPress experience. They need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase," Mullenweg wrote in a WordPress.org post announcing the ban. "Their servers can no longer access our servers for free."
    • Re: (Score:3, Insightful)

      by omnichad ( 1198475 )

      Sounds like Wordpress doesn't actually want to be GPLv2 if they don't want companies profiting from customized versions.

      If they're already running their own update servers then it seems like they don't need direct access to the servers as long as they have another IP somewhere to grab the files from.

      • Re:The actual issue (Score:5, Interesting)

        by Digital Avatar ( 752673 ) on Thursday September 26, 2024 @11:52AM (#64819315) Journal

        GPLv2 doesn't let you engage in trademark dilution by disabling key features and continuing to market it as the genuine article. This is why even BSD/MIT/X licenses do not give you a trademark license. If you want to take someone's code and offer it as a service, albeit one that disables key features that aren't profitable for you, you have to market it as something else. WP Engine is being deceptive and Wordpress wants them to pay up for their deception. I don't think that's unreasonable in the slightest.

        • That's a tough one. I don't think that having WP in their name is good. Hard to argue that they aren't appropriating the trademark and making them look related/sponsored by WordPress. However, Wordpress is a platform. And advertising API compatibility with something is usually not considered a trademark infringement. So having WordPress plastered all over their web site is fine even if they don't use the exact unmodified source code. You can install the same plugins and run the same sites. Microsoft

          • No one would have a problem if they were advertising compatibility (read: nominative fair use), but since they're disabling core features (read: revisions) they're not actually fully compatible with Wordpress, so it's not nominative fair use.

            • The platform is so extensible, they could easily be doing this by disabling it through a forced plugin to modify the behavior of Wordpress. It doesn't require modifying the core code.

              • Irrelevant. This isn't a copyright issue. This is a trademark issue.

                • It matters if they are actually maintaining compatibility through the way they disable the feature. A forced plug-in running on TOP of WordPress would still mean it's WordPress.

      • by sjames ( 1099 )

        Not necessarily. They're not complaining about individuals installing Wordpress on their own servers.

        Many GPLv2 projects demand that people distributing a significantly modified version somehow distinguish their distribution so the original project doesn't get blamed for someone else's screw-ups.

    • ... if WP Engine are genuinely tech-driven they will see this fight for what it truly is: A prime opportunity to fork WP and redo it from the bottom up, fixing all the stuff in WP that was built by people who shouldn't have been let near a keyboard 20+ years ago. ... Hardwired URLs or god-object post anyone?

      If I were WP Engine I'd do exactly that.

      • by paulatz ( 744216 ) on Thursday September 26, 2024 @11:13AM (#64819237)
        It looks like WP Engine is running a 500M software business while paying the equivalent of a single full time developer. If they fork the project, it'll cost them a thousand time more.
      • What would the costs be for them to spin up a fork and to maintain and actively develop it?

        • According to Mullenweg (so take it with a grain of salt), "Automattic contributes 3,900 hours per week, and WP Engine contributes just 40 hours", so the cost would be at least 100 times more than they pay now (and this does count only developers, not infrastructure).

      • I agree, this is the spirit of GPL: WP Engine is totally free to fork the project. But I am ready to bet they won't do that.

  • ... as anyone who has had to administer a server running it knows all too well.

    • Pretty much

      Could not erase the malware called WordPress fast enough.

      Still see around 30+ vulnerability scans a day on replacement sites...

      • I wouldn't say Wordpress is the malware. But the whole idea of a site that is extensible via plugins falls apart when pretty much all major plugin developers themselves are shady and shoddy. Wordpress is just the container that holds a cesspool of malware.

        • by ArmoredDragon ( 3450605 ) on Thursday September 26, 2024 @12:15PM (#64819361)

          It sounds like it has NPM disease.

        • I'm sitting here reading all of these comments wondering if wordpress had done something different than they did back in the early 2000s when I got interested to try it as my first website. Wordpress is exactly a cesspool of bad plugins. They're cool to use, for like 30 minutes until the bots find out that another wordpress site popped up.

          • I really think the platform itself is solid now. I used a modified version of the original B2 blog in the early 2000s for a personal site and it has come a long way since then. I think it's very stable and secure now even compared to 5 years ago. Of course as B2 it had no need for heavy theming or plugins but it was very insecure then anyway.

            But in a lot of ways WordPress is a very minimal inner platform with some really good UI hooks. To do anything outside of the bare minimum you need either a third pa

    • by znrt ( 2424692 )

      if anything this might start the demise of wordpress ... until something worse comes along.

  • by echo123 ( 1266692 ) on Thursday September 26, 2024 @09:38AM (#64819019)

    This is the open-source equivalent of, 'I'm taking my ball and going home now'

    In another world, Drupal hosts on Gitlab, so fork all you want independently of the Drupal open-source community. That said, Acquia is well known for essentially closing open-source Drupal [slashdot.org] by 'adding stuff to it' just like what Microsoft did to the web via Internet Exploder in days of old. So one has to make a choice, work with Acquia stuff or avoid Acquia like the plague. (My answer: what are your requirements and budget to begin with?) For those that didn't already know, Acquia is the 800 pound gorilla in the Drupalverse.

    I've worked at government sites and once we've had difficulty pulling updates from drupal.org, and things were so bad we contacted the drupal.org admins to ask if we were blocked. The reply we received was essentially, 'no way, we don't block anyone from anything!'. And of course the issue turned out the be some aspect of the government firewall preventing us from pulling code from Drupal's servers. Open source works well when its used correctly.

    • I don't know that Drupal is any better. Over the past several years I've seen more major security flaws in Drupal's core than in core Wordpress.

      That's not to say Wordpress plugins don't continue to be a huge issue.

      • by xevioso ( 598654 )

        We spent a good deal of money to switch from a Drupal site and converted it to Wordpress. We could not be happier. The vast amount of plugins, the ease of modification, the extensibility... everything is so much easier with WP. We host on Pantheon, and they are fantastic for us.

        • i used to run an events calendar site on drupal for my local community - it was like a fulltime development job with plugins constantly breaking each other.

          Then i discovered wordpress, themes and never touched drupal again - not sure who it's client base is but it's not a cost or time effective solution and anyone still using it has had a good 12 years with better choices around

        • by lsllll ( 830002 )

          I switched from Drupal to WP for my couple of web sites as well and couldn't be happier. Updating and grading Drupal was always an issue, but it's a breeze in WP. To be fair, WP had its share of issues as well. I used WP in limited capacity prior to their version 5 and it was just as clunky as Drupal, but starting with version 5, things just started to fall in place and "work". My sites don't get a lot of visitors and don't go through much change, but one of my customers wanted WP for their departmental

      • Over the past several years I've seen more major security flaws in Drupal's core than in core Wordpress.

        Perhaps you meant to write?:
        "Over the past several years I've seen more major[, reported, -me, echo123] security flaws in Drupal's core than in core Wordpress.

        That's not to say Wordpress plugins don't continue to be a huge issue.

        This is probably the #1 advantage of using Drupal, thanks to its, (GPL?), licensing and the security team [drupal.org] along with the best practices that have been built into drupal.org by the

    • by SpzToid ( 869795 )

      Given your comparison maybe WP Engine, (unlike Acquia), fails to frequently & often commit upstream to the mothership codebase. And that is the difference between the two open-source internet CMS project examples.

  • by Vegan Cyclist ( 1650427 ) on Thursday September 26, 2024 @09:59AM (#64819075) Homepage

    Isn't this saying pretty much any company that's a WP host is also a 'cancer'...if they don't contribute 'enough' as judged by WP.org?

    What's to stop WP.org from blocking any or all other companies that host WP?

    This seems like a big, big problem. And terrible precedent.

    • by Rinnon ( 1474161 )

      This seems like a big, big problem. And terrible precedent.

      I'm not sure it's a precedent just yet. Given the amount of money at stake, I imagine that WP Engine isn't going to take this lying down, and if they can't come to some sort of settlement, will probably sue. We'll see what precedent is left after the dust settles.

      • by unrtst ( 777550 )

        This seems like a big, big problem. And terrible precedent.

        I'm not sure it's a precedent just yet. Given the amount of money at stake, I imagine that WP Engine isn't going to take this lying down, and if they can't come to some sort of settlement, will probably sue. We'll see what precedent is left after the dust settles.

        Sue for what? A negative amount to pay for all the services they've been using for free over the years?

        My prediction, FWIW:
        * WP Engine will start hosting some of the services themselves, starting with the easiest stuff, like update server mirrors.
        * WP Engine will make some sort of commitment to contributing some amount of time/money/developers back to WordPress.
        * Maybe some payments will be made for a while to ease the tension and get the tertiary services opened back up.
        * They'll both come out ahead becaus

        • by lsllll ( 830002 )

          If it doesn't pan out like you stated and doesn't deescalate, I can see WP suing WPE for trademark infringement. WPE should have treated their operation like CentOS treated theirs. CentOS removed all references to RedHat from the software and had their own distribution mechanism, even though most RPMs from RedHat would have just worked in CentOS.

          • by unrtst ( 777550 )

            Agreed. Speaking of the WordPress trademark, I was curious who owns/maintains it and found this:
            https://wordpressfoundation.or... [wordpressfoundation.org]

            The abbreviation “WP” is not covered by the WordPress trademarks, but please don’t use it in a way that confuses people. For example, many people think WP Engine is “WordPress Engine” and officially associated with WordPress, which it’s not. They have never once even donated to the WordPress Foundation, despite making billions of revenue on top of WordPress.

            If you would like to use the WordPress trademark commercially, please contact Automattic, they have the exclusive license. Their only sub-licensee is Newfold.

            For non-commercial use, you can contact us here at the Foundation.

            Sounds like it's not very clear cut or they would have done so already.

    • Seems kind of like the Reddit API thing that caused every 3rd party Reddit reader app to vanish overnight:

      1. complain about other people using your public API to make a better product than you do
      2. heavily restrict / privatize your API unless app authors pay up, on a recurring basis based upon their app's API usage
      3. none of the app authors pay up because they're not big companies - they're individual guys who wrote a better Reddit app than Reddit is capable of with a team of paid developers

    • The problem is that WordPress.org, the open source project, is controlled by the same people who run WordPress.com, the for-profit hosting service that directly competes with WP Engine. This conflict of interest was never a problem before, but it seems that like with OpenAI, the "Open" part falls victim to the side concerned about profits.

      Red Hat is another example of how open source licenses alone cannot achieve open source goals. There has to be a organizational structure in place that can be trusted. Oth

    • Isn't this saying pretty much any company that's a WP host is also a 'cancer'...if they don't contribute 'enough' as judged by WP.org?

      No, they have very specific complaints about WP Engine, how they present themselves, how they disable functionality, and as others have pointed it WP Engine is very likely in breach of the GPL in this case.

  • This explains why 100% of my WPE sites can no longer update or browse plugins as of this morning.

    Matt needs to grow up. WPEngine owns some of the most widely used plugins, like Advanced Custom Fields, to do things that WordPress should do natively. If he doesn't like that other companies are making money off his OPEN SOURCE platform, maybe he should make future licenses to prohibit reselling or integrating in commercial projects.

    • Why did you choose WPE when almost EVERY hosting provider has one-click WordPress install available and often with lower hosting cost than WPE?
      • I benchmarked multiple hosts - WPE was faster
        Their backup is one of the best i've ever seen
        They provide multiple environments out of the gate for Dev->Stage->Prod with Git/Bitbucket integration
        Shell Access + Database Access
        They manage the plugins and platform updates for us
        Their support is fast and reliable
        Their control panel is user friendly, and my clients can figure it out without a problem.

        • by Bahbus ( 1180627 )

          Or you could just not use WordPress, or anything even remotely tied to WordPress (WP Engine). Almost any other CMS is better than WordPress. I've never seen any WordPress based website that functions well, loads quick, AND looks good. Best you can get is 2 out of the 3, but even that's not very common for WP based sites.

          Now, I don't blame people for choosing WordPress (or WP Engine) to begin with. It's a big, recognizable name. But it is a mid to ass tier product, depending on what your site is for. Blog or

          • Wordpress is what you make with it. The problem is, too many people just start stuffing plugins in to add features, which slows things down or cause issues. I've built some wordpress sites PROPERLY that continuously load at 80/100 or faster on speed tests, look amazing, and function very well.

            WordPress can also do Headless :-)

            But I understand what you are saying. I've used other CMS's as well - Drupal, Craft, Sharepoint (eww) and more. WordPress just has the larger community which makes it easy to develop f

            • by Bahbus ( 1180627 )

              Plus, not all plugins are high-quality plugins. My brain short circuited when I wrote Headless. I meant to put an actual headless CMS there - Ghost or Strapi. I like those a lot. And agree about Sharepoint. It's so bad, even the "pros" use it poorly from my experience.

    • by DewDude ( 537374 )

      Maybe WPEngine shouldn't leech off the backend API's.

  • The project is Open Source, but it's only available if you pay them? What?

    • Re:Open Source? (Score:5, Informative)

      by The-Ixian ( 168184 ) on Thursday September 26, 2024 @11:14AM (#64819241)

      Open Source != Open Access

      If I am hosting open source software on my server, you don't have an automatic right to access my server just because I am using open source software.

    • Re:Open Source? (Score:5, Interesting)

      by Digital Avatar ( 752673 ) on Thursday September 26, 2024 @11:47AM (#64819309) Journal

      Pretty sure open source doesn't mean you can take someone's code (Wordpress), sell it as a service (WP Engine), and then disable key features of the code (i.e. revisions [wordpress.org]) while still claiming to sell someone else's code as a service (i.e. WordPress), thereby creating confusion in the market that damages their trademark, and then disable the news feed in WP's admin console to block attempts by WordPress to notify WP Engine customers of what WP Engine has been doing [x.com], all so that you can sell your own replacement for the removed feature and make a mint from the confusion.

      In fact, I'm pretty sure even the most permissive of open source licenses doesn't let you pull shit like this, and WordPress is perfectly justified in either demanding they stop diluting their trademark, demand they pay licensing fees for the use of their trademark, or both.

      • If the code is GPLv2, you can most certainly take the code and sell it as a service. What you can't do is use their trademark. WP Engine alludes to WordPress. I don't know if they are actually using the trademark in an impermissible way. But if there is litigation around this it will be trademark disputes not a GPLv2 case.
        • You can take the code and sell it as a service. You cannot take the code and mislabel it, thereby infringing someone's trademarks. No license allows that. That is what this whole thing is about.

          I get other people not reading the article since slashdot is infamous for that... but not reading the article when someone points out exactly how everyone here is getting it wrong? That's a new level of laziness bordering on intentional bias that looks suspiciously like bootlicking.

          • I'm not a trademark lawyer, but I'm not sure that even accurate labeling would matter. You can't use somebody else's trademark in a way that leads to market confusion. And that pretty much means you can't use somebody else's trademark. You could offer the Wordpress code as "Super-Duper CMS" but not as Wordpress even if you were to offer it unmodified if that would create market confusion and the trademark owner is going to argue vehemently that it does. Hence why we have tools like IceWeasel. Same code
            • by lsllll ( 830002 )

              You can't use somebody else's trademark in a way that leads to market confusion.

              Not only that, but it also means that after your trademark has been granted, you have an obligation to chase off anyone else that starts using your trademark without your permission, otherwise it'll set a precedent for later failure by you to enforce your trademark.

      • by DewDude ( 537374 )

        I think the most permissive "open source" licenses are public domain declarations and "Do What The Fuck You Want".

        MIT is pretty permissive too.

        If I forked Wordpress, built my own version, then sold it as a service; there's nothing that prevents me. I'm required to further open source my improvements, usually under a similar or compatible license as the first. What Wordpress is angry about is the fact the forked version might use their resources, like theme and plugin repositories.

        So what's really the proble

        • I think the most permissive "open source" licenses are public domain declarations and "Do What The Fuck You Want". MIT is pretty permissive too.

          Yeah. With the code. Not with trademarks. WP Engine is clearly in the wrong here, and they should really pay up or just admit they're not actually selling Wordpress.

          • by DewDude ( 537374 )

            I mean if this is ultimately over trademark...then they should have taken them in to court before any actions. Should a court find that WP Engine doesn't infringe on Wordpress trademark...then it's going to be a scramble to justify the ban if WP Engine counter sues.

            • Going to court first is nice if you have an unlimited supply of money, but they clearly don't, so they tried embarassing them in the court of public opinion, and a cease-and-desist first. Didn't work, so here we are. They're not wrong for trying.

              • Going to court first is nice if you have an unlimited supply of money, but they clearly don't,

                Automattic has nearly 2,000 employees. They're not hurting for money.

                It has been commonplace for the last two decades for plugin developers to use "WP" in the names of their products and company names. All along WordPress.org has had no problem hosting and promoting their products.

                WP Engine has positively contributed to the WordPress project through plugin development and as a hosting provider. For WordPress the open source project, WP Engine has been great. Automattic just views all those WP Engine hosting

    • by DewDude ( 537374 )

      There are some things Wordpress provides on the back-end for Wordpress installations; like theme and plugin repositories. When you browse them in WP Admin, those results are being returned by a server Wordpress owns.

      This is largely about WP Engine no longer getting a free ride on the backend that powers stuff. They're saying "if you're going to generate all these billions of extra requests maybe you should reimburse us given your profit margin"; and WP ENGINE is going "You're hurting our business by not let

      • In Mullenwegs post on Sept 21 he stated that the disabling of revisions by WPEngine to save money via payments to Wordpress/Automattic. Then they started blocking the news feed that would have informed WP users on the WPEngine platform that they should have revisions, but they were disabled by the host. This stripping of functionality would lead to confusion among wordpress users. Etc.

      • This is largely about WP Engine no longer getting a free ride on the backend that powers stuff.

        Giving people a free ride for the backend that provides plugins and updates is what made WordPress so popular in the first place. This is the model WordPress created to become popular. Without this model, WordPress.com and WooCommerce (where all the money comes from) would not be raking in money like they are today. This is very much like RedHat attempting to weasel around the GPL because now that the open source project has become a sort of widely used standard that millions of customers depend on, they th

"It takes all sorts of in & out-door schooling to get adapted to my kind of fooling" - R. Frost

Working...