Wow this sounds so entitled. The more i read posts from the pro-automattic side, the more it sounds WPEngine is in the right.
Yes its nice if people contribute back. It is however optional. Not just in the well-technically sense, but in the broader moral sense.
If you give something away for free, wait for someone to build a business around it, and then say, well actually its not free, there are strings: that is unethical. That is a bait and switch.
If you want to sell a project, than you should sell it. If you want to make it open source, then don't be surprised when people use it as such. You can't just change the terms of the deal because one of the companies using your open source product happens to make a bunch of money.
> But access to the autoupdates infrastructure isn't part of that deal.
If wp-engine want to change customers for access to that it's not unreasonable to expect a contribution.
If they went about it in a fair and equal manner, sure. So far the public evidence looks like the access denial is retalitory or perhaps even an attempt at extortion over the larger dispute.
The api may not be part of tje GPL, but it still seems like they offered it freely and encouraged people to use it with no expectation of anything in return. Encouraging someone to use X, then getting mad at them over something unrelated, and abruptly cutting off X with no public notice is pretty unprofessional. Given their corporate structure, maybe even illegal.
Reposting something I posted in another thread but I think it's more relevant to this comment:
Would it be a good or bad look for the Fedora project if they went after a popular and commercially ruthless hosting provider offering "Fedora Hosting" for trademark infringement, while cutting off repo and update access to that provider specifically, unless they paid up some % of revenue?
Regardless of if Fedora was justified or not, it would totally destroy trust in the ecosystem and people would start to talk about seeking alternatives, which is exactly what is happening with WordPress.
Suppose I want to have a Wordpress site, and am considering the following options.
1. I create an Amazon Lightsail server set up using the Wordpress image as described here [1].
2. I get a virtual server somewhere, install Debian, do "apt install wordpress curl apache2 mariadb-server", and configure things as described here [2].
3. I get a shared hosting account at some place that includes cPanel or something similar, and install Wordpress through that.
4. I get a server, maybe virtual or maybe physical, install a Linux distribution, and install Wordpress by downloading the zip file from https://wordpress.org/download/ and following the install instructions linked that page.
5. I get an account at WP Engine and use their hosting service.
How much variation is there between these different ways I might set up a Wordpress site when it comes to how much load my site places on the Wordpress autoupdates infrastructure?
They're all going to hit wordpress.org for plugins and themes. I would definitely stay away from Debian's packages, which are outdated the moment they're installed, and the setup looks painfully fiddly and manual anyway.
An alternative to wp.org's infrastructure would be the likes of https://roots.io/bedrock, which uses composer to install and update plugins and themes along with wordpress itself. The infrastructure it uses is called WordPress Packagist, which is run by outlandish.com using github as the distribution infrastructure. The whole thing is open source, so you could run your own wpackagist service if you like.
Using bedrock in a container, I upgrade the site by building and uploading a new container image. Anything goes wrong, I roll back to the previous image. Cattle, not pets.
I think a big issue here is that it looks like Automattic (WordPress.com) is controlling the independent WordPress Foundation to harm one of Automattic's competitors.
If a commercial entity is allowed to control a non-profit and direct it toward ends that gain it profits, that isn't really a non-profit. Is the WordPress Foundation taking actions in accordance with its mission or is it taking actions at the behest of Automattic? If it's the latter, that seems like a breach of its non-profit status. It's not a non-profit if it's just a division of Automattic set up to further Automattic's profits.
Yes, infrastructure costs money and if the WordPress Foundation wanted to charge for access, that could certainly be reasonable. However, the charges would need to be reasonable and consistent with its non-profit mission and not created in a way to harm one of Automattic's competitors, not to benefit Automattic, etc.
And the current actions feel like a major breach of the WordPress Foundation's missions and statements. Literally, their website still tells people to use "WP" as a generic term. "For various reasons related to our WordPress trademark, we ask if you’re going to start a site about WordPress or related to it that you not use “WordPress” in the domain name. Try using “wp” instead, or another variation" (https://wordpress.org/about/domains/). They'd explicitly disclaimed any ownership of "WP" as a trademark.
And now Automattic is directing the WordPress Foundation to harm a competitor that Automattic thinks is taking profits from them. To me, it seems like the government needs to look into whether Automattic's relationship with the WordPress Foundation is legal. IANAL, but it seems like the WordPress Foundation is violating its non-profit status. If I created a non-profit whose mission was to make money for my for-profit company and harm my competitors, that doesn't seem legitimate.
Mullenweg started criticizing WP Engine. Those criticisms have some legitimacy. WP Engine wants to be a free-rider on the ecosystem - just as AWS wants to take popular open source projects and offer them as a service while taking profits from those actually developing the software. WP Engine sent a cease and desist to Automattic and Automattic sent one back. But now Automattic is using the WordPress Foundation to punish WP Engine. The WordPress Foundation should be supporting its non-profit mission, not the profit motives of Automattic.
I get Mullenweg's position: WP Engine is trying to make lots of money off the software that Automattic has been putting the hard work into. But that's what happens with open-source. You get free riders. I think it's fine to try and publicly shame them. However, it feels like they've crossed a line by essentially making the WordPress Foundation an arm of Automattic's for-profit. Maybe it's legal (IANAL), but then what's the point of any software foundation if it can just be controlled by a for-profit company to help the for-profit and harm competitors? Shouldn't the non-profit have to take actions that further its non-profit mission?
In fact, Automattic's letter to WP Engine doesn't say that WP Engine should be paying the WordPress Foundation. It says that WP Engine should be paying tens of millions a year to Automattic.
I hate defending WP Engine because Mullenweg's criticism has legitimacy. Free riders making tons of money are crappy actors in open-source communities. At the same time, the WordPress Foundation shouldn't be an arm of Automattic and it's hugely problematic for the foundation to punish WP Engine like this.
Nonsense. It goes much deeper than that. WordPress is no little app some dude maintains in his free time. It's a massive powerhouse that powers 40%+ of the whole web. WP Engine can't just leech on it while adding zero value.
There are approximately 330,000 web hosting companies not listed there, including a very long list that are larger than WPE, generate an order of magnitude more revenue than WPE, and host more WP installs than WPE.
WP Engine has contributed full-time developer hours to the core WordPress code base for over 10 years, is a current Five for the Future contributing member, sponsors WordCamp events globally, produces the DE{CODE} series of conferences for WordPress developers, and maintains some of WordPress's most essential and popular plugins.
To say "without giving back or adding any value whatsoever" is libel. It's defamatory and deeply untrue. You're committing one of several crimes Matt committed to start all this drama. Maybe you'll get to meet the "good guys" in person when you respond to the lawsuits in the same court system.
> PS: They also swapped WP's Stripe ID for the WooCommerce plugin for their own.
I assume you can supply actual proof for this, right? Let's see if you have better luck than the last guy who went looking, because he came up with bupkis.
I think what some are failing to realize is that many businesses are only now finding out that they are one step away from losing access to their websites. Before this wp engine vs Matt spat many of us genuinely thought that wordpress was a community project and not something that one individual could pull access to on a whim. They wrongfully assumed they had ownership of their website. That they held the cards. This is an eye opener for many of us. Regardless of who is right and who is wrong. I know for a fact that I wont let my company grow too big before moving away from wordpress and I am sure there are many more like me. Wordpress is not what I thought it was. That is ok. I just have more information to make better decisions now.
If Matt thinks he has a legitimate trademark claim, file it in court, don't play games with 3.5 million WordPress end-users that are now cut off from security updates -- including all users of the ACF plugin that aren't even WPE customers. This blog post did nothing to explain the logic behind Matt's actions (and shifting explanations for them). The only convincing sounding explanations I've found have been on Twitter, and they all revolve around WP's stagnation and Automattic's market weakness, not anything WPE has done, and nothing that will end if WPE pays the extortion demands.
Separate from anything else, Automattic's messaging around this is horrendous - I've only heard their side of the dispute, and they've convinced me they're in the wrong.
Including TFA, everything I've seen from their camp is a hodge-podge of conflicting claims: they say WPE isn't obligated to contribute anything, but also they're taking action because they haven't. Then they say access to wordpress.org is something they provide free to the community, but also they took away WPE's access to it, then restored it, and the fact that customers were affected is WPE's fault. Then there's a trademark dispute involved somehow - which seems to be their only actionable claim, but has no apparent connection to the stuff they're angry about, or what they want to change.
As a disinterested observer, it looks like Automattic asked WPE to contribute more FTEs to the OSS project, but were rebuffed, and are now doing random things that are within their power to retaliate. I don't think that's their intended messaging, but it's sure how it looks.
> Then there's a trademark dispute involved somehow - which seems to be their only actionable claim, but has no apparent connection to the stuff they're angry about, or what they want to change.
Its not just that it is unrelated. It also seems very weak. Like they are trying to claim the letters WP as a trademark? IANAL but i strongly suspect that wouldn't fly in court.
> when a company that built all its value on an open-source project decides not to give anything back [...]
As far as I've been able to tell, WP Engine have contributed back. Before this spat they were noted on WordPress.org as contributing 5% of their resources to the WordPress project[0], they have their own open-source projects (e.g: [1]), and sponsor WordPress events. What WP Engine allegedly refused to do was sending tens of millions of dollars to Matt's for-profit company.
I'd like to see this at least addressed rather than just repeating that WP Engine supposedly contributed nothing. Is it that they scaled back contributions just recently? Is it that 5% (plus events/etc.) isn't sufficient?
> Look at the following list of words and try to find the intruder:
> Well, all the ones that contain an underscore _ are names of the WordPress core database tables. All the ones that contain a dash - are WordPress core file or folder names. The one with a space is a company name…
Using "WP" in their name is branding allowed by the WordPress Foundation's trademark policy[2]. Not a lawyer, but I don't believe confusion stemming from uses that are permitted by the trademark holder count against them legally, else "WordPress.com" would be in far more trouble.
Recently I found a virus on a clients WPE site. I reached out to there suppory and they told me it was because we were on there shared server plan and we needed to upgrade to there dedicated plan. From $20/mo to literally $2000/mo.
Maybe Matt's not going about it the way everyone wants him to, but at least he's trying to do something about this parasite.
I am an outsider to WordPress ecosystem but what really annoys me is that even here on HN people can’t tell the difference between OpenSource software and using another’s services without authorization. They can’t tell the difference between “free as in speech” and “free as in beer”. I am utterly disappointed by that and wish the community will educate itself. Surely releasing the software under open source license does not give commercial entities the right to leach off of the foundation’s infrastructure in perpetuity. That being said, certainly Matt could have taken a different approach. Just that he sounds like a nice guy and didn’t do it. The right thing to do would be to put a statement in the terms of service saying “by accessing Wordpress.org for commercial purposes through automated means you agree to the charge of $1000/MB downloaded using your IP address”. Then sends multi-billion dollar invoices to WPEngine like Oracle would do. File lawsuits. Replace the updates and plugins when requested through WPEngine IPs with ones showing a “Cease and Desist” notice and notifying end users that access to their site is denied due to outstanding invoice of their hosting provider. Boom. Checkmate.
Just to be clear, WordPress has the update servers hard coded. If they wanted you to use a different server, making it easily configurable by an end user would seem like the first step before cutting of access to a whole swath of IP addresses.
It is Open Source, right? It means everyone is free to change the source. Oh wait, but that’s hard. Much easier to just point your control panel at the original distribution and start the money printing machine while someone else is footing the bill.
There is no "control panel" to point. api.wordpress.org is hardwired into the source, and the implementation of that API is not open source. Matt has personally informed us that he is perfectly happy with this setup and has no plans to change it: https://news.ycombinator.com/item?id=41675671#41678014
So it's WPE's fault for not forking the ecosystem earlier?
I run a small (tiny) hosting platform for WordPress. I prioritize exceptional customer service as a value-added service.
Before they started hosting their websites with me, all my customers shared a common complaint: they were paying companies like WP Engine and EIG a significant amount of money for a subpar hosting platform. They all expressed dissatisfaction with their websites’ slow performance and the lack of customer support. They struggled to identify what to look for in a WordPress host and often ended up choosing the first result they found in a Google search for “best WordPress host” (exaggeration).
This context partly explains why I support Matt’s decision to target WP Engine. However, my overall agreement with Matt’s choice stems from my belief that open-source projects are only successful when people contribute back. While licensing doesn’t obligate contributors, it’s undeniable that successful businesses rely on the initial creators and subsequent contributors of the project.
While I don’t necessarily agree with Matt’s specific methods, I believe there are likely better ways to address predatory companies like WP Engine that harm the community and Automattic’s reputation far less. I’ve come across some excellent ideas in this thread.
EIG is not Newfold Digital.[0] Matt has specifically praised EIG hosts.[1] He even praised Godaddy, a company which he called a "parasitic company" just a few years ago.[2]
This is definitely not about subpar hosting for Matt.
WordPress.org blocked access for WP Engine to their developer account on the website. This means they can no longer push out plugin updates via this path.[0] This comes straight from Matt Mullenweg himself in an interview done today.
Seems to me that after maybe an initial disruption in updates while they whip up a patch, WPE can distribute updates for ACF to their own customers just fine, whereas MM has basically blocked updates to every other host, including wordpress.com itself. Stable genius right here...
All this seems to be to pressure WPE to contribute back... but when the entire core and surrounding infrastructure are under the absolute control of a single petty, vindictive, and spiteful individual, it seems the proper amount to be contributing to such a project is zero.
It's high time for a hard fork of WordPress, run by grownups.
I’m an observer with no horse in this race, but from my armchair I think this argument in a vacuum sits very weird with me.
It’s strange that you can, in the first section, decry the situation of a company opting out of something that is optional on the basis of it being part of an unspoken social contract, and then later in the same article defend your own side’s decision to opt out of their part of an unspoken social contract because it is optional.
I also can’t help but keep going back to - if the founders view is that enterprise users, hosting companies, every business who’s name starts with R, or some other selection of users needs to contribute some resources to the project, why doesn’t the license say that? The argument being made takes for granted that the social contract here is common sense, but that’s not true. This is exactly why licenses exist - to clearly define these lines and avoid ambiguity.
If it’s not in the license, the presumption (legal _and_ ethical) is that it’s intended to be optional. If a company is trying to compel behavior, does that line up with it being optional?
We just see the limits of open source unfortunately.while I understand the reasons behind wp's actions against wp engine, they still broke userland and lost trust from many users because of that. Bad communications and actions from wp and its founder imo.
There is no requirement for companies like WP Engine to contribute to Wordpress. Zero. Mullenweg and his side admit as much.
And let's be real -- it's about the money. How many times have Mullenweg and co mentioned WPE's revenue in a discussion that's ostensibly about open source contributions? Otherwise, the Automattic rhetoric would be structured around "if WP Engine just contributes x hours a year of work then we'd drop the dispute." But we all know that's not true.
It's just sour grapes from Automattic, which is getting beaten by a competitor.
Until there's some legal obligation for WPE to contribute back to Wordpress, this is all nonsense.
This is making Automattic look thin-skinned and inept. They're going to lose a lot of credibility with their partners, if they haven't already. Anyone who actually watched Matt's talk knows it was disastrous. Someone in his circle needs to intervene and get him to drop this awkward, ill-advised and ultimately ineffective strategy.
I'm not involved in the WordPress ecosystem, but am an outsider looking in. I don't have all of the facts and am not a lawyer, so this is just my 2 cents.
Quoting the referenced article:
1. Contributing to WordPress
So here’s my question: what do you think of a company that, with close to half a billion dollars in revenue, and more than a thousand staff, barely contributes the equivalent of one full-time employee to the project on which it has built the entirety of its value?
My opinion of this doesn't matter. What I would like to know is this: Are all companies that profit from WordPress being held to the same standard, or is this specifically measured against WP-Engine for some particular reason? Either way, I don't believe this is relevant as its opinion, and as the author themselves state, there is no actual obligation to contribute.
2. Trademark confusion
This is why the confusion that WordPress.com may generate and the one that other company generates are not one and the same.
According to WebArchive, this was a policy change made on September 24th -- the same day that all of this kicked off.
The abbreviation “WP” is not covered by the WordPress trademarks, but please don’t use it in a way that confuses people. For example, many people think WP Engine is “WordPress Engine” and officially associated with WordPress, which it’s not. They have never once even donated to the WordPress Foundation, despite making billions of revenue on top of WordPress.
If you would like to use the WordPress trademark commercially, please contact Automattic, they have the exclusive license. Their only sub-licensee is Newfold.
For non-commercial use, you can contact us here at the Foundation.
Ignoring the out-of-place dig at WP Engine in the new text, there was a clear language change and as an outsider, it seems as though there was no notice communicated or given -- but, there is no obligation to do so.
It originally stated "you are free to use it in any way you see fit" and WP Engine did so. While the author of the text is welcome to make the change as necessary, the text also explicitly states that "WP" is not covered my trademark and the new language makes a request. I haven't seen any prior public communication or notice about such a change -- that doesn't help the perception from the Wordpress Foundation.
3. Access to WordPress.org
Here’s a company benefiting from a free resource they are not entitled to. That actually charges their customers for that free service ($3/month to activate auto-updates, something that is free on WordPress), and when they lose access to the free resource, blames others.
Why are they not entitled to benefit from an opensource project so long as they are abiding by the license? If the Wordpress Foundation has an issue with this, they should have chosen an license that applied the appropriate restrictions. They lost access because the Wordpress Foundation blocked their access without prior communication and in a, seemingly, unprecedented manner.
While not referenced in the article, I have seen claims made that WP Engine places a disproportionate load on the Wordpress infrastructure. I think it would be fair to ask them to contribute or run their own mirrors, but I haven't seen any evidence to support that such a conversation took place prior to restricting access.
--
As I mentioned, I'm not a lawyer, but I think the only actual footing that Automattic has here is potentially around the Trademark policy, of which it is only "WordPress", NOT "WP". Could WP Engine maybe rework some wording on their website or something? Sure. If there was a disagreement, it should have been handled in court, not in the way its currently being handled.
I don't think either party is morally in the clear -- but legally, that doesn't matter. I do think Automattic and the WordPress Foundation (both run by Matt Mullenweg) are approaching solving this problem in possibly the worst way possible and seem surprised about the negative response that they are getting.
I do think there seems to be an obvious conflict of interest between Automattic and the WordPress Foundation -- The WordPress Foundation seems to be punishing WP Engine for a legal dispute between Automattic and WP Engine. I suspect that this is due to a lack of Governance structure around the WordPress Foundation that other large opensource foundations have -- even moreso based on the public postings of members of the WordPress community that have been blindsided by the actions the WordPress Foundation have taken seemingly without any kind of discussion or communication within the Foundation.
As some additional bit of data to interpret the way you will... I just found a Reddit (https://www.reddit.com/r/Wordpress/comments/1fol35p/wordpres...) thread that found several additional Trademark filings by the WordPress Foundation in July for the terms "Managed WordPress" and "Hosted WordPress".
Tldr: This employee of Automattic stresses that he independently agrees with every complaint that his boss has. He wants us to know that this is a nuanced situation in which he has weighed all things and discovered that the person that pays him is objectively correct
Summarizing an article isn’t the same thing as disagreeing or calling anyone names. The author of the blog post notes his employment more than once and goes on to agree with his employer.
Well, that's stretching the HN guidelines even if that were the case. Drawing a conclusion that an author may be biased based on their employment is far from an ad hominem.
If you follow dang's moderation comments closely (and I do, both to understand, and occasionally criticise, his actions), you'll note that implication and nuance actually play critical roles.
It would require the reader to actively insert additional meaning into a mundane summary that isn’t disputed in order to arrive at name-calling here.
I an not familiar with all of the minutiae of dang’s moderation philosophy, but taking a comment, attributing the least charitable possible interpretation to it, and then accusing someone of name-calling based off nothing but your claim to a deeper knowledge about how he thinks seems like unproductive conversation.
A key distinction is that one doesn't accuse of name-calling, one moderates based on it.
Accusations are also personal attacks, and are similarly against guidelines.
Note too that it's member votes and flags which achieve the overwhelming majority of moderation results on HN, so going up against a significant, and reasonably plausible, objection, probably isn't a winning move.
Hope I'm not too late to the party. This is the first time I've read a link about the Wordpress spat; mostly because ... well ... HN is a firehose.
So, "What the heck is going on with WordPress?" IE, does anyone have any links that explain what happened in a neutral, unbiased (within reason) manner?
IE, I certainly respect the opinion in the linked article, but I'm so new to the story that I'm not comfortable agreeing or disagreeing with the points in the article.
Yes its nice if people contribute back. It is however optional. Not just in the well-technically sense, but in the broader moral sense.
If you give something away for free, wait for someone to build a business around it, and then say, well actually its not free, there are strings: that is unethical. That is a bait and switch.
If you want to sell a project, than you should sell it. If you want to make it open source, then don't be surprised when people use it as such. You can't just change the terms of the deal because one of the companies using your open source product happens to make a bunch of money.