I'm not a lawyer, as you will soon realize. This is just water cooler talk, which is what HN is for.
I sort of directionally think that if WPE had a strong case here, their opening bid wouldn't be a C&D (I've noticed C&Ds frequently include a "preserve documents" section, presumably as punctuation, but for what it's worth that's an implicit threat they might sue).
The meat of this C&D seems to be a section towards the middle where they describe Mullenweg's keynote speech. It makes, according to WPE, these claims (numbers mine):
1. Claiming that WP Engine is a company that just wants to “feed off” of the WordPress ecosystem without giving anything back.
2. Suggesting that WP Engine employees may be fired for speaking up, supporting Mr. Mullenweg, or supporting WordPress, and offering to provide support in finding them new jobs if that were to occur.
3. Stating that every WP Engine customer should watch his speech and then not renew their contracts with WP Engine when those contracts are up for renewal.
4. Claiming that if current WP Engine customers switch to a different host they “might get faster performance.”
5. Alleging that WP Engine is “misus[ing] the trademark” including by using “WP” in its name.
6. Claiming that WP Engine’s investor doesn’t “give a dang” about Open Source ideals.
Under a US defamation analysis, claims (1), (3), and (6) appear to be statements of opinion. Statements of opinion, even when persuasively worded and authoritative, are generally not actionable as defamation. It might depend on the wording; in corner cases, an opinion can be actionable if it directly implies a conclusion made from facts known to the speaker and not disclosed to the audience --- but the facts involved have to be specific, you can't just imagine that I've implied I have secret facts (or my audience expects me to) because I'm Matt Mullenweg.
Claim (4) seems like it's probably just a fact? Is WPE assuredly the fastest possible provider at any given price point? The "might" also seems pretty important there.
That leaves (5) the allegation about the trademark dispute, which doesn't sound like an especially promising avenue for a lawsuit, but who knows? and (2) the bit about employee and former employee reprisals. The thing about (2) is if there's a single example of a disgruntled WPE employee who thinks they missed a promotion because they stuck up for the WordPress Foundation or whatever, WPE might have a hard time using that claim.
You'd think that before WordPress/Automattic started directly demanding funds from the board of WPE, they probably had some kind of counsel review this stuff and figure out what they could and couldn't safely say?
Maybe there's tortious interference stuff here that gives these claims more teeth than a typical defamation suit (I've come to roll my eyes at tortious interference, too; unless you're alleging really specific fact patterns I've come to assume these interference claims are also a sort of C&D "punctuation").
This is one of those times where I'm saying a lot of stuff in the hopes that someone much more knowledgeable will set me straight. :)
People in this thread seem to be focused on the defamation angle, but is the more important allegation not the alleged demand for large amounts of money to not destroy WP Engine's business? Matt sounds like a wannabe mob boss in the screencapped texts, sending photos of the crowd before his keynote and talking about how he could still "very easily" make it just a Q&A session if WP Engine agrees to pay up.
Exactly, the extortion is the most serious allegation, but WPE isn't providing a lot of background in terms of what and how much Mullenweg was demanding, only texts that came well after the demand was made. My guess is if there's a really damning email, WPE's lawyers served them a legal hold privately rather than make it public.
> They had the option to license the WordPress trademark for 8% of their revenue, which could be delivered either as payments, people (Five for the Future .org commitments), or any combination of the above.
So they could have "paid" by just hiring a few WordPress devs to work on it. That is: not necessarily by transferring dollars to Automattic.
IMHO this is an important bit of nuance missing in this thread.
They do the majority of the work, so they get to decide. That's how it works everywhere. If WP Engine wants to decide they should invest the same 4,000 hours/week.
That's the problem though. It's a chicken and egg issue. Those donated hours could be directed towards things that aren't in WPEngines interest. To use an analogy: it's taxation without representation. That seems counter to the open source ethos.
If everything was handled by an independent, transparent and accountable foundation then this would be a different conversation. It isn't. It's handled by a private, for profit, vc-backed company with a leader known for personal vendettas and holding grudges.
I want to be clear: I have no love for WPE and agree they should be doing way more. I'm just pointing out that the current arrangement is not exactly conducive to facilitating that.
> Those donated hours could be directed towards things that aren't in WPEngines interest
I have a hard time seeing how that can happen. WP-Engine still decides what bits of WordPress they work on – it's just a matter of having developers who work on it.
Matt gave away the software he invented and founded a commercial venture to monetize his efforts despite this. Automattic originally registered the trademarks. Years later they donated them to the foundation, to make the marks available for noncommercial use and limited commercial use. In the process Automattic retained the exclusive commercial license to the marks.
Where is the invention? He forked b2/cafelog and continued work on it when the original project faded out. He had no choice but to give it away unless he wanted the only WordPress install in the world. Another fork like b2evolution or any of the billion blogging tools at the time would have taken the spot WordPress did instead.
“it would be nice to have the flexibility of Movable Type, the parsing of Textpattern, the hackability of b2, and the ease of setup of Blogger. Someday, right?”
Synthesis is a type of invention: https://evanm.website/2016/03/synthesis-over-invention/
>Another fork like b2evolution or any of the billion blogging tools at the time would have—
People love to say things like this about any and all products but there’s this overwhelming counterpoint of what actually happened.
There are things in that WPE C&D that make me question how candid they're being; for instance, the trademark dispute seems an awful lot more complicated than the letters "W" and "P".
Out of five board members, one is Matt, one was the CEO of Automattic before Matt took over the role, and a third was an early investor. The other two are harder to pin down.
Agreed. I'm confused by a lot of the discourse in this thread. The extortion seems like the important thing. I would think (paraphrasing) "I'm going to destroy your business if you don't pay me" is extortion regardless of the merits of the claims used in carrying out the threat.
Extortion does not look like an easy case to make. Pull up some of the state statutes: they all seem to have intent and malice requirements, and/or, like California, require the threat to be of an unlawful injury. Threatening to ruthlessly exploit capabilities you lawfully have, like the bully pulpit of leading the WordPress project or the strictness with which you license your trademark, is unlikely to meet that standard.
(But see below for the 'DannyBee comment on how UCL unfair competition might work even if you can't make a case under the extortion statute itself).
I mean if a business if built on top of your business, is it actually illegal to say "Pay me if you want continued access?" Is it the wording that makes it illegal?
... to the open source project WordPress? 1) it'd be hard to forbid any one entity from using it, based on the licensing, and 2) the announcements and banners pushed to users referenced WP.com, Matt's for-profit competitor which WPengine doesn't use, and brings about elements of tortious interference.
The most damning claim, I think, is that Automattic put a banner in every WordPress dashboard on the subject, including WordPress instances hosted by WPE. Automattic is a direct competitor to WPE (by way of WordPress.com). I'm no lawyer but I expect there's at least some argument to be made that there's some abuse of Automattic's position in doing so (though I don't know enough about the law to know whether they have a chance of winning such an argument). If Automattic was purely producing open source software with no vested interest in profit, that would be a different story perhaps.
I have never thought of WPE as a competitor to WordPress.com but perhaps weirdly I think of WordPress.com as a competitor to WordPress.org.
For example, if I have a WordPress site I've built from scratch out of WordPress.org, I am just going to assume trying to put it on WordPress.com will be annoying (and possibly even impossible?), because of issues with themes or plugins or whatever due to the fact that WordPress.com is a separate, hosted SaaS-style CMS, and not a hosting environment for WordPress sites.
WPE, by contrast, is Just Another Webhost to me, with some special bells and whistles for WordPress.
It's quite possible to host a "normal" WP installation with custom themes and plugins on WordPress.com (on the more expensive plan), I've done it a few times. But as much as I want to like it, I can't wholeheartedly recommend it. Some stuff that should be easy is just ridiculously difficult, like pulling logs programmatically. I think the main audience it caters to is people hosting a basic site with off the shelf themes.
Sorry could you expand on this, how can they "put a banner in [...] WordPress instances hosted by WPE"?
I was under the assumption that WordPress is OSS, and WPEngine is running this software on their platform, so there was an update to this software, contributed by Automattic developers which included a banner denouncing WPE, and the WPE people decided to just deploy that update to their platform?
I don't think that means they "put the banner on their instance" does it? If they are unhappy with the management of the open source software they are using on their platform they presumably could fork it, or decide to not deploy the version that includes this banner, no?
There's a widget on the default WordPress dashboard that displays a RSS feed of WordPress.org, where Matt posted his rant, making it show up everywhere.
I think we’re conflating a link in an RSS feed (that can be disabled by the user or WPE) and a banner - typically a large(r) notification in a prominent spot in the UI. This point feels like a distraction.
Unfair competition is, particularly in California, which interprets it's UCL very broadly.
Let's set aside all other claims (there are others), and take a look at "Unlawful, Unfair, and Fraudulent Business Acts" under that.
We'll also throw out unlawful business acts (I don't see anything unlawful so far).
Unfair:
"An “unfair” business act or practice, as defined by the UCL, is typically committed by either a company or a business competitor. ... In the context of a business competitor, it is considered an unfair business act when the company does something that broadly undermines competition in the marketplace."
Additionally, they consider " immoral, unethical, oppressive, and unscrupulous" business acts to be unfair.
Banners on wp engine sites probably not a good thing under this. Threatening your competitors with bad keynotes unless they pay you, also probably not a great practice.
(I do think you'd be fine to say they suck. I just don't think you can get away with basically extorting them)
Fraudulent:
"The UCL also prohibits “fraudulent” business acts or practices, which means any conduct that misleads or deceives consumers."
Note that it does not have to be defamation, or malice, or illegal. Just misleading or deceptive. More exactly, it does not have the elements of common law fraud - Intent is not a requirement, and negligence can be a violation.
So pure opinions without intent or with negligent intent that actually deceive consumers, while not defamation or common law fraud, are quite possibly a fraudulent business practice.
Overall, I think they have a stronger case than you might. Not on defamation, but on other things.
Regardless of the outcome, the approach i see taken by the Automattic CEO here seems remarkably stupid.
Don't mix your roles unless you want a court to mix your roles.
When he threatens to ban them from wordcamp[1] in what capacity is he doing it in?
1. Which, btw, the central website totally avoids mentioning who is in charge or paying overall anywhere i can find. I hope it's not the foundation (or him or automattic) and he's not mixing roles further while threatening his competitors.
Piling on re: mixing roles: I read "abuse of position" in the GP comment as "conflict of interest," which is potentially problematic for a board member of a non-profit.
I can't speak to the veracity of the facts presented in WP Engine's C&D letter, but my reading of it is they're accusing the head of the WordPress Foundation, in his official capacity, of putting the interests of his for-profit company ahead of the non-profit's stated mission to "ensure free access, in perpetuity, to the software projects."[0] That's the sort of thing that could threaten the foundation's 501(c)3 status, or in extreme cases lead to criminal charges.
I suspect that's still not actionable in the way the parent poster means, since AFAICT there no private right of action: You can't sue, only petition some government agency to bring their own lawsuit.
Isn't this completely fine? If you and I both make aspirin, but we both put a little something extra in it (me vanilla, you salt) and I put banners on my web page saying "bastawhiz's salty aspirin puts the ass in aspirin", doesn't this just seem like typical rivalry? My point here is that defamation is defamation no matter the scale. I think scale is relevant re: damages, but not as to whether or not rivalry escalated to defamation in the first place.
One person's "abuse" is another person's "I have this platform and can use it however I like." For another example, whenever cable companies (dish, etc.) have licensing disagreements with content creators, they put up a bunch of ads that are like, "ESPN's unfair negotiations mean you may lose access to this channel, call this number to complain". That's never been found to be defamatory--it occurs to this day.
That's true, but does not apply to this situation.
Automattic is not the owner of WordPress, the WordPress Foundation is. Even though many employees of Automattic work (maybe full-time) on WordPress [1].
So I sell your aspirin in my shop, and a friend of yours helped you package your aspirins and while doing that put some stickers onto your aspirin.
Does WPF take issue with this operational decision by Automattic? If so, they have the avenues to deal with it, and they're the party who can claim to be aggrieved, if it violates some duty Automattic has to WPF. I seems more like this, from my understanding:
You sell a brand of aspirin in your shop. The brand has outsourced most of the production and decision-making to another company. That company puts messages on the bottle. If those messages bother me, I can bring it up with the brand and see if they'll address it, or stop carrying the brand, but the question of whether they've overstepped is for the brand owners rather than me.
> and they're the party who can claim to be aggrieved, if it violates some duty Automattic has to WPF
Tortious interference - where one party (Automattic) interferes with a contractual relationship between two parties (WPengine, their customers), in this case by means of disparagement pushed to the dashboard of WPengine instances.
Inducement? Like "We have blocked the ability to access plugin and other repositories for customers of WPEngine. We have not done so for this other, "independent", for-profit entity (that just so happens to be owned by the same person)"?
Some important nuance is lost here. Matt Mullenweg transferred the trademark to the WordPress Foundation (which he is head of) and the foundation (again... Matt himself) in turn granted Automattic the exclusive ability to sub-license the name commercially. This is the important bit.
What this means is that any "licensing fee" would be paid to Matt's private, for-profit, VC-backed company (and direct competitor to WPEngine) and there would be zero accountability for how it would be spent.
In practice, the foundation doesn't enjoy any benefit to owning the marks. It's all smoke and mirrors.
The trademark policy sounds like it falls somewhere between the Mozilla Foundation/Corporation model and the Red Hat/Fedora Project model. This is how open source in practice works.
Not really. The Mozilla Corporation and Red Hat aren't direct 1:1 commercial competitors to the people they also license the trademarks to (as is the case with Automattic and WPEngine). It's an obvious conflict of interest and inherently problematic on so many levels.
If there is a real-world open-source analogue to that situation, I'd be genuinely interested in hearing about it.
To me the solution seems simple; The WP Foundation should own and license the trademark. Then use the proceeds for its mission in a way that is accountable to the community (Automattic should not have to pay of course).
Do I need to spell it out? The foundation is headed by the same person who they granted an exclusive license to. Not just a commercial license to use the trademarks. It's permission to sub-license the trademarks for profit without restriction. It's blatant self-dealing.
It's an obvious conflict of interest for a foundation that is supposed to be serving the community.
Nah. Putting disparaging claims directly on the dashboard of my customers seems pretty abusive, and if it happened to me I'd be looking at legal options too.
No, it would be like if Google started using Google Tag Manager to put banners on websites that use Plausible Analytics saying "this website uses analytics that might not be accurate!" Or if Cloudflare started putting banners on websites that use S3 saying "downloads might be slow because this website doesn't use Cloudflare R2"
Automattic's WP VIP hosting would be a competitor of WPE. VIP is enterprise level. But perhaps Automattic is considering a less high end offering and this is the first move to capturing some quick market share?
They are pretty clear they will go after them for torturous interference, unfair competition, etc.
California's UCL is much broader than you may think here - it is consistently interpreted very broadly by california courts, and has fairly low requirements (IE fraudulent business practices under the UCL do not have meet the same requirements as fraud)
One fun thing is a lot of state consumer protection laws have a punitive damages component.
The diminished standard of intent and the fact that a mere advertisement can trigger liability in some states makes UCL/CFA extremely powerful in some cases.
There is simply no need to preserve documents given how public this was. If pressed the grievance can be corroborated externally.
The letter in entirety is a warning of potential legal action. That is the next action if the other party neither ceases or desists.
Maybe this is normal, but we're glorified animals trying to find justice out of a made up process. It's arbitrary, hence arbitration. Not a lawyer either. You probably know more terminology than I do; I just deal with them a lot :/
edit: I think it's a little strange to be placing judgements at this stage. We'll hear the facts if this goes to court. There's enough to know several are upset. Another consideration: by placing the numbers you're kind of trying to make their argument. Why? Let them.
It seems pretty likely that there’s communications internal to Automattic or the Wordpress Foundation where they talked about their objectives and plans, assuming the details in the claim are accurate.
Thank you for saying this. Trying to get this out there too. When people say "building a case", this is part of what they mean.
Creating a track record/evidence. Or the opportunity. My only practical experience is trying to get a restraining order. It's harder than you might think. Legal system demands work to work.
> Maybe there's tortious interference stuff here that gives these claims more teeth than a typical defamation suit (I've come to roll my eyes at tortious interference, too; unless you're alleging really specific fact patterns I've come to assume these interference claims are also a sort of C&D "punctuation").
This is the big one to me, actually. If Matt used the announcement feature in the WP.org codebase to place an announcement in WPEngine customers consoles telling them they should not support WPEngine, but instead his for-profit competitor, WP.com, it's pretty hard to argue that that is anything but tortious interference.
Matt is predictable. WPE wrote this letter for the community. They knew Matt would throw a fit and they would be able to take the high ground while also releasing an assassination of Matt’s character. The Wordpress community doesn’t care about Wordpress.com, Matt just blew what little credibility he had left. Worthless as a legal letter, brilliant as a response for the Wordpress community. Matt will inevitably step down within a few weeks, and a few years from now, this will be seen as a pivotal moment enabling WPE to dominate Wordpress.com. Matt could not have played this worse.
Matt has no reason to step down. He will explain where the monetary claim is coming from - probably the development time promised and not delivered, or the use of the trademark - and then you have two competing narratives. One by the Foss software maker, one by a big enterprise. Why would a relevant part believe wp engine? And even if, how would that harm internal automattic structures in a way that he loses control?
Also, I see no way how this going forward even in front of courts could end up with wp engine replacing WordPress.com.
Automattic benefits greatly from their close relationship to Wordpress. Using the power they have to threaten a commercial competitor that has a good reputation in the community will push the Wordpress community to reevaluate that relationship. The contributions Automattic makes to Wordpress are valuable but valuable contributions do not excuse bad behaviour. Souring the relationship between Automattic and Wordpress is a major blunder, which Matt will be responsible for. If Automattic lose their preferential treatment and are forced to compete with WPE based only on service then they will be crushed because Automattic’s offerings are not as good — there’s a reason Matt is so sensitive about WPE. Automattic are just as dependent on venture capital as WPE, even more so because of how their business has been losing focus. Automattic’s value is based on its relationship with Wordpress, whereas WPE’s is entirely based on the service. Matt is threatening Automattic’s most valuable asset, removing him may be seen as the only option to rescue the relationship.
As an aside, people don’t usually act like this when things are going good. Perhaps Matt is lashing out because of pressure he is already under.
edit: and to close the loop, Matt is demanding benevolence from WPE that Automattic themselves don’t engage in. Automattic own the Wordpress.com domain and promote their hosting service through Wordpress.org (which causes the exact confusion Matt accuses WPE of benefiting from). The money Automattic spend on supporting Wordpress project is not a donation, it’s quid pro quo. Would WPE pay $10m a year to own all that? Of course, any rational company in the space would… but that’s not what Matt is offering.
8% of revenue in perpetuity seems like a licensing deal, not payment for services. WP is arguing that they don't need a license deal to deliver their service which seems to be true? Therefore, the 8% just seems like a shakedown to get money - good old blackmail.
Maybe my view into the Wordpress community (mostly via Twitter) isn't representative, but it does not seem like WPE represents the community's views from what I'm seeing.
> Matt just blew what little credibility he had left
Just "lol", it's really funny line when taking into consideration all the years how he manages WP, cares about direction it moves, fosters and cares about OSS, directs funds and all of other countless things AND putting on the other chalk some WP hosting which happened to grow for one reason or another and is contributing peanuts compared to what it gains from the WP. No, he still has a lot of credibility.
I don’t follow the WP ecosystem very close since I left it years ago when I found better tools but I very much look forward to see if your confident prediction holds true.
WP Engine calls itself the worlds #1 wordpress hosting (with over 1.5m clients), but they aren't even in the top 10 material contributors to wordpress. Although they have pledged to support wordpress development, is is only to the tune of 40 hours a week. Their pledge is miniscule given their usage of wordpress and isn't even in the top 25 pledges made. It seems they were called out on this, and told to resolve it or it would get highlighted, and highlighted it was.
Sure, the license allows them to do whatever they want, but there's nothing wrong with publicizing that they don't give much in return. With over $400M ARR, thats something they could easily resolve.
In all seriousness, if this whole thing is about some false marketing claim from WPE, then call them out specifically on that in a tweet or something. Why does it deserve the "scorched earth nuclear approach", which equates to blackmailing them into giving you millions to prevent you from disparaging them in all media outlets? The claims Matt made go far beyond WPE not contributing to WP development as much as they say they do.
This corporate mudslinging paints WP.com in a much worse light than WPE. IANAL but I think there's a case here for a defamation lawsuit at the very least, if not for outright blackmailing.
Publishing a blog on Wordpress.com is scorched earth nuclear and a tweet is fine? Why shouldn’t this get some actual publicity? What’s defamatory about it? Your response seems to be a better example of mudslinging than OP. At least OP pointed out some data to back their argument.
It wasn't just the blog post. Did you miss the keynote, numerous posts on Reddit and other outlets, as well as the threatening calls and text messages? I'm using his own definition of "scorched earth nuclear". This goes far beyond a single tweet.
> What's defamatory about it?
Oh, I don't know. Calling your competitors "cancer", their product a "cheap knock-off", and urging people to stop using them?
If my competitors are selling an inferior product, I would let that speak for itself, which should make my alternative shine in comparison. Going on a mudslinging crusade just reeks of desperation and immaturity, and the defamation and blackmailing could be illegal. If he really had a case against them, it would be resolved in court.
I'm not the target audience of either, but if I had to choose which one to use today, I would go with WP Engine based on this alone.
Yeah but people don't like to be manipulated. He didn't want to call them out, he wanted them to pay his company millions for licensing and used the community as leverage.
Did you not read the post? He wanted them to stop calling their fork of wordpress "Wordpress".
They either continue to use their fork and call it something other than wordpress, or they use an unmodified version of wordpress and are permitted to call it "wordpress", or they pay for rights to use the mark for their modified version.
No doubt this has all stemmed from the issue of them taking and not giving back. If they aren't going to play nicely and pay proportionally for development as per the pledges, then they can pay for the right to use the mark for their fork. Why should automattic and dozens of others pledge thousands of hours of dev time per week when one of the biggest users pledges 40 hours? It may be permitted as per the GPL, but use of the mark is subject to fair use - and fair use doesn't cover them passing off a fork of wordpress as wordpress. Clearly that technicality is being used to force them to pay their share through licensing of the mark.
I read the comments from Matt M yesterday, and it felt like a hit piece.
I run a website for a couple scifi like conventions, we need cheap reliable hosting without me having to deal with the vagaries of running wordpress myself.
I would have bought a product like WP Engine directly from Automattic, but AFAIK they dont offer one, this feels like lashing out at a competitor because they failed to enter a market segment, and now feel their lunch is being ate.
I ran websites for a long time without any version control, and would have no problem doing it again, the benefit of WordPress is the semi-WYSIWYG editor and the plugin ecosystem.
If you had your own iron, had to co-locate it somewhere, keep the OS updated, etc. all that time (and hardware) adds up. Factor in opportunity cost and hosts like WPE are relatively cheap.
Wait what about the middle ground? Give me access to a VPS and I can make your dreams come true, as cheap as possible, using modern CI tools and a lot of.. automation.
Sure, maintaining it has a cost, but to me the alternative feels like trying to build a business by reselling expensive chocolates you bought from the hotel mini bar.
Could you enlighten me as to what WP Engine does differently from Automattic that you can't buy from them? Looking at the WP Engine, it's the exact same thing, with the numbers filed off, as Automattic offers.
WP Engine offers headless WP CMS to static, for one, and it’s pretty slick. I don’t believe Automattic offers that, yet. But I bet Automattic builds it in, in the near future, and that’s probably what this WP Engine beef is really all about: money.
They offered many features that wordpress.com copied (staging sites with one-button cloning; easy backup and restores; automated updates of php and wp code; tweaks to prevent security issues; automatic cdn) and others like serious engineers answering support tickets to help you sort out whatever fragile, insecure wordpress crap your marketing team, or their wordpress contractors, installed on your site.
We shouldn't overrate a lot of those features, because I think they were pretty obvious things to want. But WPEngine was, afaik, the first to market with all of the above in a pretty-cheap and seamless package.
Wordpress.com would be the equivalent. That said, they don't exactly offer an unmodified WP experience either at least not without upgrading to the higher tier plans. The base plan has plugins disabled for example. Not even sure how it's different from what Matt is accusing WP Engine of.
Wp engine is not cheap at all, instead its expensive, my websites hosted on Namecheap for years, and never touched even 1 second, and everything is stable, the price? I would tell you, around $45 per year hosting price for 3 sites...
> Automattic CEO and WordPress co-creator Matt Mullenweg unleashed a scathing attack on a rival firm this week, calling WP Engine a “cancer to WordPress.”
In my experience, WordPress itself could be called a Cancer to the Web.
The amount of new clients I've picked up who needed help rescuing broken and malware ridden WordPress sites is... well, it's more than I'd like as I really do not enjoy WordPress LOL
That's on the customers. I used to work at a shop that used WP and it was a huge force multiplier. We were WP Engine customers and at some point we moved to Pantheon.io and then we moved to a static site with an internal-only WP frontend for content editors.
We had 2 developers, a PM, 20-30 content writers and $5B ARR. Websites were strictly for marketing/leadgen. Even when we switched to building a static site, we still had our content editors write markdown in WordPress because it was easier to do that and pull all of the content from the database on deploy than train them.
The absolute worst part of being a WP Engine customer was being on Linode and the yearly Christmas Eve DDOS.
No that’s on the various design agencies that sell “custom websites” and instead they just slap together a 59$ theme and a dozen plug-ins. Most customers don’t know shit about the web and they just trust the agency to do a professional job. And in my 10+ years of experience as a freelancer I’ve seen plenty of agencies taking advantage of clients.
WordPress has the same problem as PHP: it's too easy to do what you want the wrong way. The right way is great, but the wrong way is easier, cheaper, more common, more documented, etc.
Wordpress used as a CMS where you build everything from scratch using built in functions and the absolute minumum number of plugins (in my experience it was exactly 1, ACF) can generate sites that are solid.
I have projects I built a decade ago that are still online, are still running and haven't been hacked.
The problem is that the overwhelming majority of WP sites aren't built like that. Because "there's a plugin for that". And you end up with these monster sites with dozen of plugins, each importing their own scripts and styles, all injecting their own crap, all bringing in their own issues. And you use those on kitchen-sink style themes that are designed to do everything and end up doing nothing well.
But that's the inevitable result when you lower the barrier to the point where one can just click buttons and install whatever.
These businesses exist and operate the way they do because of customer desires. The customers could hire better agencies but for a number of reasons don't.
Sorry but saying that it’s “customer desire” is nonsense. Most customers don’t have the skills to judge the work they receive. They know they need something done. They trust someone. How are they supposed to know if what they got was subpar? It’s like that in every profession. You have to trust that the person on the other side is professional and more often than not they’re not.
That’s pretty unfair. Most of the work I do can be considered “marketing” since it’s corporate sites and portfolios. Businesses need to have an online presence of some sort and someone has to create one for them. Not everything is SEO spam.
OP said “Websites were strictly for marketing/leadgen” which is just marketing sites. But pretty much all business sites are marketing. If you don’t have an e-commerce and you’re not a saas of some sort, you have a marketing site. It’s there for visibility and to provide information.
Not spam at all. I just don't want to be so obvious about what the business was, even though I've mentioned it in the past.
Think top 10 keywords space and spanning about 4-5 of them.
It's the largest business in its space and a major national advertiser both digitally and traditionally. You have seen their ads on the street, on TV, on websites and on Youtube.
Even internationally, you have seen their ads on TV. Big hint.
No we had an army of call center folks, case managers, etc. But given the nature of the business there is no sales, only marketing generating revenue.
Basically, no our marketing team didn't turn the coal into diamonds, but obtaining the coal was our team's primary function and 100% our output. We spent several hundred million annually on advertising (roughly the GDP of Tonga!).
me neither but it pays; when we get called, bad things already happened, so it's always an emergency which means we can ask for 400-500$/hr to fix it. And there are so many bad wp sites that we can retire on that alone. But let me tell you about OpenCart, Drupal, etc which also are all lovely targets and more niche so higher hourlies!
As someone with a formal verification and static typing background, it is the most terrible crap there is, but it is very good business.
Any recommendations on how you can find that kind of work? I'd personally enjoy it, but I don't know how to break into it without working as a WP dev at an unsustainably-low wage.
> As someone with a formal verification and static typing background, it is the most terrible crap there is, but it is very good business.
May I ask how you find this kind of work? The kinds of orgs with hacked/broken/incompetently-run WP installs don’t tend to be the type of orgs you’d find via professional networking, but by going through the dregs of Craigslist’s gigs pages, no?
I wonder to what extent that can be attributed to its ubiquity versus its quality. I've never worked with WordPress.
For example, I notice that most of the automated "attacks" on my server are WordPress related. Is its defect rate significantly higher than other systems', or is it just that if you're going fishing you should bait for the most common fish? PHP and Apache come up a lot too.
Way back in 2013, Matt Cutts from Google said in a talk:
“WordPress takes care of 80-90% of the mechanics of Search Engine Optimization (SEO)”
Agencies really latched onto that!
SEO was the new hotness.
An industry was then built around WordPress.
Clients would hear that it was the best at SEO, and they wanted a CMS they could update themselves.
Agencies could churn out variations of the same WordPress site and plugin stack, and then charge clients for ongoing hosting and maintenance fees to keep it updated.
Then there are all the plugins that get added depending on the whims of the 'developer' at the time.
The WordPress website then languishes when the agency or dev vanishes, WordPress gets hacked, and the client gets charged again.
The WP GUI builder plugins are a whole separate hellscape all to themselves!
It's like any other system designed to be used by people that are not technically savvy. Lots of things have default values that are not sane. That's why the script kiddies hit every server they can with known defaults and vulns. Otherwise, it's like any other publicly facing internet server in that it takes maintenance with patches and updates and being informed on what you're running and changes being made.
So because the majority of users are not savvy, it's become a cesspool. Then you read about it on a tech forum like HN and it is derided as an inferior product rather than allowing improper use by the user/operator.
I've had an interview last week for a company doing WordPress stuff, and their tech lead, computer science guy, said their next project was a monitoring tool running unit tests in production to understand the health of the app
It's not only the non-tech-savvy, even CS guys become trash when they go too close to WP
> I wonder to what extent that can be attributed to its ubiquity versus its quality
Its quality is astonishingly bad. It was clearly developed by someone who didn't even have a basic understanding of relational databases. Unless something has changed, plugins and themes can run arbitrary PHP on the server.
Anything ubiquitous is going to be hated. I agree. But WordPress is bad from a fundamentals perspective.
But I've been writing web software for 30 years and WordPress is among the worst mainstream applications. It's worse than its PHP competitors at the time, and it's worse than Ghost and many of the competitors that came after it.
You can't just dismiss all criticism of the past because it was the past. Some people wrote worse software than others in the past, just as they do today.
Personally I’m think a big issue is the insistence of wanting to keep everything as backwards compatible for as long as possible. It becomes a burden. At some point you have to accept to make substantial changes in order to improve the situation but it’s not going to happen in the WP ecosystem because that’s one of their selling points.
I run my own Wordpress server for a blog, and IMO it's basically fine if you use reasonable deployment management practices and don't install 500 random crap plugins and themes. The basic install is about as bulletproof as it gets in the mainstream web software business.
I don't particularly love PHP, but you don't need to touch it if you don't try to write any plugins. Yes, some of its practices are pretty wacky, like every plugin has full access to the filesystem and database to do basically anything, and the system expects to be able to update code files in place from web requests, but meh, just give it it's own $5 server and let it do its thing, and definitely be very careful which plugins you use and how you get them.
What you get in return for this is a perfectly fine CMS that anyone with basic computer skills can run. Yeah, static site generators are cool and all that from a tech expert's perspective, but nobody who isn't a tech expert can actually do anything with them, and oh, by the way, the ability to make any changes at all typically involves at the very least SSH access to the host server with full write permissions.
Thanks. It seems really good. PHP, files and folders instead of db, easy templating, plugins, admin interface built on Vue.js, open source at GitHub and a commercial license as well. Since 2012.
The only issue is to have more themes available, at getkirby-themes_com there are 22 only.
Because it's not designed with a theme approach. It's designed to build custom sites. Themes aren't really a thing inside kirby because of the tight relationship between content itself and admin interface. I like to think at it as an in between something like Laravel and WordPress.
It's an entirely different target audience. Kirby is a tool that's designed mostly for developers, and not really for end users. There's no one-click install, there's no pressing a button to install plugins. And that's by design.
Well, in fact it was two clicks install :) I’ve downloaded it, unzipped into a folder and with PHP running I was ready… No Nodejs and React needed. These are so painful to maintain.
They are not dead. The reason why WP took web by storm and Joomla and Drupal became less visible is that WP did a lot of work in instant usability - their 2 minutes’ installation changed the game imho.
WordPress isn't that bad. Okay, the code is kinda messy in some places, but which 25 year old project isn't? And yes, in the early days it was cowboy coding, but those days have been over for more than 15 years.
What "broken and malware ridden WordPress site" typically means is "customer installed a bunch of random plugins from random sites written by teenagers or bozos who don't know what they're doing". And yes, that can screw things up, but that's not really WordPress's fault IMHO.
Maybe it can do more to protect users from this; I don't know. But obviously the plugin ecosystem is a hugely important part of the WordPress platform and you can't just lock that down technically. Just make sure you only install plugins from authors who aren't teenagers or bozos.
I'll add that personally I don't especially like WordPress for various reasons. But at the same time I don't think this is really a fair criticism.
The WP Community - as led by leadership (i.e., MM, Automattic, etc) is fond of bragging about the plugin and theme ecosystem. What they conveniently neglect to mention is how many are shite, many are ok but poorly coded, and only a very few are worth their weight. Even plenty of the premium plugins have performance issue, are sloppy, lack hooks, etc.
And yet, reality is that for many companies, an off-the-shelf CMS is all they need, and all they can afford, and all they can figure out without hiring IT.
Which means, if we want to kill WordPress, we need to offer a better solution. Not just for WordPress, but a coherent system that also reimplements the top hundred or so plugins.
If anyone wants to join me rewriting it in Laravel so we could add a WSL-like layer for WordPress cancer plugins… I don’t know. I wish someone would have the conversation. I don’t even care whether it’s Rust.
> Which means, if we want to kill WordPress, we need to offer a better solution. Not just for WordPress, but a coherent system that also reimplements the top hundred or so plugins.
And a solution for which a typical non-tech business can ask around their family/friends/employees and find someone who's experienced enough to come in for a few hours out a few hours a week to to typical CMS admin/editorial stuff. And for which there are heaps of easy to find tutorials and youtube videos which can get someone up to speed enough to keep their own site running, while still spending 95+% of their time making widgets or selling trinkets or whatever their actual business is.
I'm not _that_ much of a fan of WordPress, but WordPress on WPEngine is 100% my initial recommendation for anyone asking about how to run their business website.
(I'd be curious to see a Rust backend API replacement for the WP + top 100 plugins that uses the standard html/frontend, to have the type safety and security Rust is famed for, while being identical in use to WordPress so all the people currently admin-ing WP site wouldn't have to even know it's different. But not curious enough to expend any effort to make it. )
Statamic is awesome; watching Jack McDade in person at Laracon last month was great.
However, Statamic is not a WordPress replacement. We need a system that can be installed, with hundreds of themes and plugins available, without touching code. An open-source Squarespace, basically.
Statamic has a role, but not as a WordPress replacement for most people unfortunately…
> And yet, reality is that for many companies, an off-the-shelf CMS is all they need
Except they don't. A static website would work for 99.9% of all businesses and could be hosted on a potato.
The problem is that marketing wants a website that "Doesn't look embarassing and has 5 nines uptime."
Translation: "Marketing wants a website that looks completely like our competitors(because reasons)! But make it completely different (because reasons)! And make sure it's on AWS (because reasons)!"
Response from IT: "Our website results in zero revenue to the company and is a gigantic security problem and spam magnet. And because marketing is involved it's also a headache of a political football. Here's the WP Engine credentials. Now fuck off."
This is where the mistake was made. Tens, possibly hundreds, of thousands of small businesses do not have an IT department.
Even the business I work in - almost a dozen employees before a single IT guy.
WordPress and Squarespace, and software like them, are the off-the-shelf solutions for them. You sign up for GoDaddy or another shared hosting provider, what do you get? Right now though, Squarespace is eating WordPress’ lunch, and (if you don’t need plugins) is objectively superior in many ways.
We need a modern replacement for WordPress to fulfill that role which won’t make programmers swear, or let closed-source solutions shut out the open ones.
> The problem is that marketing wants a website that
... they can publish and update content without having to get IT involved - just like they did at their last job where the website was WordPress.
Oh, and IT who thinks their company has a marketing department that adds zero revenue to the bottom line needs to go back to they mom's basement or academia. That's just not how the world works.
> Oh, and IT who thinks their company has a marketing department that adds zero revenue
Please reread. I said the website brought zero revenue.
The website for our company never broke 5 digits in total views. I could almost precisely correlate who was looking at our website with who marketing was currently talking to. Scaling was useless. Dynamism was useless. etc.
All resource spent on the website was worse than useless as it took marketing away from doing anything else which would could result in revenue.
A lot of businesses are in the same boat where the website brings in zero revenue. A static website would be more than good enough but somebody in mangement chain has a "Must Keep Up With The Joneses" streak. And then you wind up on WordPress.
No they can't. You don't roll out technical solutions without IT involvement for obvious security and stability reasons from hosting, bandwidth charges, auth, security maintenance, cert renewals, https, etc, unless you don't care about any of those things. That's literally ITs job and why the dept exists.
Those concerns are kinda the raison d'être for WPEngine.
For anywhere small enough to not have an IT department, or so large and where the IT department has effectively become obstructionist to other department's jobs, just buy marketing their own WPEngine subscription and let them do their thing.
I think people who work in an "IT Department" sometimes have a too narrow view of the rest of the world. Both ignoring that almost all small and most medium sized businesses do not have an IT department, and also that there are people and departments in their own organisations who's IT needs are real but are not considered a priority by the IT Department.
(Often understandably not the IT departments priority, the people in a bank IT department who're securing financial systems from continuous attacks almost certainly don't consider the HR departments need to set up a quick website for the company bbq or RUOK day to be a prioroty. But someone in HR is getting _super_ frustrated at not being able to do the "simple things" they know they could do if IT didn't keep pushing back.)
I'll just ignore the "IT pushback comments", as if we don't have real actual reasons for pushing back against the stupid shit people with no experience think is a good idea.
The main problem, security aside, is when shit goes south (and it will at some point), IT will be asked to handle something they didn't set up, don't know anything about, and will be looked down upon when they can't get it working quickly.
As long as there is ownership of any problems by whomever set it up, yeah, go nuts, but experience also tells me that's never how it works.
And then people bypass IT for things that IT would be happy to help them with and end up getting called in to fix some non-standard thing that has become critical to their work.
Hahaha, I've been in this exact situation. Marketing set up an entire WordPress website unbeknownst to IT. Over a year's worth of effort and they never even mentioned to us they work working on it.
I'm in a monthly directors meeting of all depts and marketing unveils their wonderful website to much applause and oohs and ahhs. They then say, looking at me, "Yes we should be ready to launch in a couple weeks after IT sets up authentication and integrates it with our CRM and mail blast system."
I was so lost for words I just kind of nodded my head, wide-eyed.
The way they had it set up did not allow us to use the same SSO/auth we used for everything else. So users would need a separate account. Their auth system didn't support any kind of MFA. Their plugins were not compatible with our CRM. External accounts would need to be set up manually. They used a different domain thinking they could just change it later but it got so baked into everything that changing it everywhere would be extremely difficult. Their hosting solution was going to cost us a shit ton of money because none of the graphics were optimized for web. Every image was like a 50MB PNG. It did look nice, but nothing was set up in a way that made it compatible with anything we already had in place.
I told marketing there was no way I could make this work and they'd wasted a year's worth of effort by not pulling me in from the get go to at least help them find some sane compatible solutions. "Well, if we can't use SSO, couldn't we just build a spreadsheet with everyone's logins so you could plug that in?" Jfc no.
The CEO/owner sends me a meeting invite and asks me why I'm refusing to work with marketing on their website. I explain that they had decided not mention any of this to me from the get go and explained the reasons why I couldn't make it work.
I said, "well, technically we could make anything work, but you're going to have to hire a small dev team to integrate this with our CRM. We're going to have to pay a lot more monthly for our CRM because now we need API access (we'd need that either way even if the plugins were compatible) and if you want a team to write some custom integrations for this, you'll need some kind of retainer to make sure they can support it when the plugins change and break everything in unpredictable intervals or the plugins are no longer maintained."
He refused to believe me and basically said "Well I'm not sure why I'm paying you if you can't even get a website to work."
I quiet quit and resigned about a month later. You can imagine the other kind of shenanigans that went on if that was considered acceptable.
This really doesn't sound believable, on your part. You can't run pngquant on the images directory to shrink down the images? Should take 2 seconds of shell script. Honestly a lot of things you mention seem like pretty trivial to do... Wordpress is so well understood and there are so many utilities and integrations for it, it's one of the simplest things to integrate with something else. This comment sounds like you were mad they made something that the rest of the company wanted and got mad and didn't want to play ball.... could just be misinterpretation over text, who knows.
* even if it did, they didn't realize that was like an extra $1500/month for API connection (something like that), which was also balked at, but just a plain fact
* they already built everything out and changing plugins was not an option
* I have almost no experience with WordPress and 0 time to figure it out alongside the myriad of other projects on my plate
* 0 thought went into authentication and that was also something I couldn't change
* this was not built by a team with WordPress experience, or any technical experience
They said "it's set up like this, make it work". I couldn't, not without dropping everything and hiring someone to do it, and managing a contractor(s) which was also not an option.
Yeah I run wp2static on clients, cancel the hosting then push the files to vercel/cloudflare pages/github pages.
A PHP version is vulnerable. If you upgrade it, some plugin breaks. If you manually upgrade the offending plugin, the pesky developer now wants a subscription. Just a nono. I build on Hugo.
Many (some very large) companies would not allow that route; their marketing team is trained on wp and they specifically implemented it (in the EU this is per country generally) to sidestep the head office enterprise cms that is unusable and takes days of workflow steps to get anything published; they want more dynamic, not less and they want less techy not more.
I think your question answers itself if you look from the perspective of a non-technical marketing person who's used to WYSIWYG tools, rather than a programmer who's reading a site called Hacker News.
Yes, I know, I use it too. But github is hardly usable by non technical users , nor is markdown. We are talking about marketing deps of billion$ companies.
I'd love to get your feedback on https://hub.scroll.pub/. Create new sites in 0.1 seconds. No signup required.
It's a new stack, but it's pretty revolutionary foundation, and as we get some good templates and imrpove the UX, I think it should bring a lot of joy to people who currently suffer with wordpress. It's all open source/public domain. Having started my programming career in Wordpress ~17 years ago, I have been able to take my favorite parts from it and get rid of all the annoying parts (like requiring a database, php/javascript hybrid, etc).
Just as an observation this reminds me of the dynamic that other open-source software distributors are tasked with defending.
Let's say you were distributing a browser, let's call it Firefox. You might have a corporation and a nonprofit and call them the Mozilla Corporation and the Mozilla Foundation.
Maybe in this scenario you would allow certain commercial uses of your registered trademarks so that the software could be distributed by others. Parameters in this policy might only allow the commercial use of the trademarks in certain ways, enabling others to advertise their product like "Grammarly for Firefox" or even their service "Download Firefox from CNET" without infringement. But these parameters would go on to disallow one from using the terms in a way that implied a direct connection to the Mozilla Foundation or caused confusion with regards to the root product such as advertising your site, CNET, as "The Firefox Store".
Then let's say someone renamed their CNET site FFXSource. And then advertised themselves as "The Most Trusted Firefox Tech Company" and that their download was "The most trusted Firefox build". They might be told this violated the terms that don't allow implying official connection to the wider project. (And then let's say the download they were offering had the browser History pane feature stripped out.)
In this scenario, it seems it would be the duty of the trademark owner, the Foundation, to seek that FFXSource either come into compliance or, to continue use that exceeded the blanket guidelines, to acquire a dedicated, more-expansive commercial license. (Of course none of my thoughts on this are legal advice.)
> Then let's say someone renamed their CNET site FFXSource.
This is addressed on page 5, where they quote the trademark policy[0], which until a few days ago said: "The abbreviation 'WP' is not covered by the WordPress trademarks and you are free to use it in any way you see fit".
The current policy[1] has since been modified to specifically mention WP Engine and make seemingly irrelevant accusations towards them, but it still retains the part about "WP" not being covered by their trademarks.
> And then advertised themselves as "The Most Trusted Firefox Tech Company" and that their download was "The most trusted Firefox build".
Using that sort of phrasing would clearly be misleading and looks like it would have been disallowed by the trademark policy, but is that what WP Engine actually did?
That is what they did, their actual current advertising includes: "The most trusted WordPress platform", "The Most Trusted WordPress Tech Company", "[WordPress's] #1 managed provider", "WP Engine is the #1 platform for WordPress". They also have service plans on offer explicitly branded by them Core WordPress, Essential WordPress and Enterprise WordPress.
If they are "The most trusted WordPress platform", that implies there is more than one platform. That implies that none of them are first party WordPress. So I don't buy that.
(Regarding their plans, I think they would be safer to put the word 'Plan' at the end of their plan names.)
I know what you mean but if CNET Downloads advertised themselves as “The Most Trusted Source for Firefox” The Mozilla Foundation/Corporation would not allow this. A consumer new to the term WordPress might be given the impression that wpengine.com is a more trusted platform/source for the software than wordpress.org itself.
First, I'm not sure your example comes close to infringing the trademark, but even if it does: Wouldn't the correct step be to inform the infringing party that you see it as infringement and give them a date by shich they have to rebrand, and give it to your lawyer after that? Why would you make threats about destroying their reputation by doing a keynote about them if you are legally in the right? That's just childish.
I don't think any of those issues you raised passes the bar. ffxsource.. no. The most trusted build. no many people build their own and it could be trusted more because someone is testing the official build and making changes and ensuring it works. The most trust Firefox Tech company is accurate. It implies many firefox tech companies exist and they are the best one.
Take a look at Red Hat's guidelines, based on the open-source Model Trademark Guidelines (CC-BY-4.0), for comparison. They advise they consider it acceptable for you to claim "[Your brand] software is built from modified source code derived from Red Hat Enterprise Linux." However, without additional permission you cannot "Use the Red Hat Marks in a way that expresses or implies sponsorship or endorsement by, or affiliation or a relationship with Red Hat when one does not exist."
Sad to see Matt M behaving in such a childish manner. The initial wordpress.org blogpost looked pretty bad, but the quoted text messages are so much worse.
If this is indeed true, that ship has sailed. WP Engine was founded nearly fifteen years ago. You need to enforce your trademark for it to be valid: you don't get to decide fourteen years later that you're actually not happy about it.
This is a pretty bad look for Matt, it comes off as yet another CEO who's mad that there's no first-party advantage to hosting OSS. Thanks to the GPL and no CLA he can't take it proprietary like others before him. When you're mad at someone for using their freedom-to-run and freedom-to-modify it doesn't come off as pro-OSS as you think.
Weaponizing the trademark that's more strongly associated with the software itself than the company Wordpress is a pretty low blow. WP Engine is hosting Wordpress, full-stop. There's maybe a discussion to have about when modifications constitute a fork that warrants a different name but we're about as far away from that as you can be.
I honestly don't know why Matt cares. His competitor is owned by PE, just wait for them to eat the business and offer a one-click migration. Play the long game.
I'm hopeful Automattic will win this one; WP Engine repackages WordPress and delivers it as a service. Fine. Software license allows for that. That does not give them the right to describe their service as "[the] Most Trusted WordPress Hosting and Beyond". They clearly say so in their policy: https://wordpressfoundation.org/trademark-policy/
You can't prevent someone from using your Trademark as a description with your trademark policy. Everyone can use your Trademark to identify the thing, they don't need your permission. I could call myself the best Linux admin ever and the Linux Mark Institute can do nothing.
The law is not black-and-white. Absolutes like "Everyone can use your Trademark to identify the thing" don't fit in this context. Your reliance on Wikipedia to summarize a doctrine further demonstrates you don't have a firm grasp on the subject. Of course none on HN should listen to legal interpretations (including mine) because it's often not that simple. You can get a glimpse of the issue by reading this commentary from the American Bar: https://www.americanbar.org/groups/intellectual_property_law...
I think (and that's my opinion) that a jury would see that what wpengine is doing is not fair use and that their offering is creating confusion among consumers, but that's not for me (or you, or anyone else here on HN) to decide.
Well I’ll be ready to watch the lawsuit for trademark infringement then. Except there won’t be one because there’s no chance that’s trademark infringement. All the statements on the website of WP engine (as I currently see it of course) don’t imply any affiliation with the Wordpress trademark owners and are pretty factual. Do you have some more explicit reasoning for statements on the website that you find infringing?
...a business related to WordPress themes can describe itself as “XYZ Themes, the world’s best WordPress themes,” but cannot call itself “The WordPress Theme Portal.”
It sounds like "[the] Most Trusted WordPress Hosting and Beyond" would be allowed.
It doesn't matter what the policy says if there is no legal basis for it. WordPress can't prevent Nominative Use, everyone can call the thing they are doing "WordPress hosting" if it is WordPress hosting. If the policy doesn't allow that, the policy can be ignored.
Even if WordPress could suppress nominative use, do they really want a world where everyone selling wordpress-based services and products avoids saying "WordPress" like it was the name of The Dark Lord Himself? Maybe it's time for some malicious compliance by way of a hard fork that strips the word "WordPress" everywhere except where legally required.
Even if Mullenweg somehow had 100% of the facts and law on his side, he's still an embarrassment to both the company and the foundation.
>>All other WordPress-related businesses or projects can use the WordPress name and logo to refer to and explain their services
I think the policy is somewhat vague on this; does 'Wordpress Hosting' refer to and explain the offered service? Clearly. Is 'Wordpress Hosting' a "product" WP Engine is selling? Kind of, yah?
My understanding of trademark is also that "we've been doing this for ages and you didn't say anything" is a pretty solid defense, and "Wordpress Hosting" is about the most generic hosting service offered on the internet at this point, everyone and their dog offers it.
This reads more like a blog post than a cease and desist. Why do they take so long to get to the point of their demands. Matt is entitled to have opinions , and they should stick to the opinions they find unlawful instead of rambling on about everything he said
As a former WordPress engineer that built one of the worlds largest commercial WordPress deployments, I have a secret to tell you.
WordPress, out of the box, if you throw even a portion of traffic that you would expect form a large media site at it, will fall over.
We modified WordPress, took advantage of all the hooks, basically rewrote the post authoring and search system and introduced caching and databases on top of the default MySQL, such as ElasticSearch for content storage and searching content. We also had a network level CDN in front of it at all times.
By the end of it all, what we had was not fully WordPress anymore.
You'll find that alot of organisations doing WordPress are doing similar things.
Without additional context the letter does read as persuasive.
Is there significant additional context? Having looked at Matt's comments in the speech I'm not seeing any actual substance of what's wrong with WP Engine.
A. He accuses “WP Engine” for being confusing branding. He literally owns WordPress.com; which confuses tens of thousands of people on a daily basis. (“Are you on the WordPress login page?” “I swear that I am!”)
B. He complains about the post revisions not being limitless. But until recently, WordPress.com had a limit of 25.
C. If post revisions matter, surely plugins matter, right? WordPress.com requires going up two tiers to use any unapproved plugins.
D. Matt was an investor in WP Engine, and even appeared on their podcast last year, even though this revisions system limitation has been in place for a decade?
E. This is the same Matt who wrote the WordPress Bill of Rights, complete with specifically saying “The freedom to run the program, for any purpose” and
“The freedom to study how the program works, and change it to make it do what you wish.”
F. The same Matt who wrote in the WordPress trademark policy that “WP” is not a WordPress trademark and anyone may use it however they wish?
G. The same Matt who forked B2, and if B2 was still around, would be quite vulnerable to B2 potentially complaining about Matt’s lack of contribution to them?
It goes on. I hate to say it, but every sign points to Matt being a hypocrite. Even an extortionist.
Have you taken a look at wpengine.com? The name WordPress is everywhere with them declaring they are "The most trusted WordPress platform", "The Most Trusted WordPress Tech Company", "[WordPress's] #1 managed provider" and that "WP Engine is the #1 platform for WordPress". The WP Engine C&D insists they're allowed to use 'WP' (as you echo) but the dispute could be partly related to this broader marketing, which possibly creates confusion (a court will likely have to decide).
Edit: To your first point, Automattic, who originally registered the trademark, apparently has a license from the trademark owner (the Foundation) to use the mark (at least for that domain). https://wordpress.org/book/2015/11/the-wordpress-foundation/ WP Engine, by their own admission, does not have a license. It also seems odd to call Matt perverse in what seems to be a trademark dispute without any acknowledgment that he is the inventor of the software, as such the founder of the community, that his friend Christine Tremoulet coined the name, and that his company originally registered the trademark.
> For example, a consulting company can describe its business as “123 Web Services, offering WordPress consulting for small businesses,” but cannot call its business “The WordPress Consulting Company.” Similarly, a business related to WordPress themes can describe itself as “XYZ Themes, the world’s best WordPress themes,” but cannot call itself “The WordPress Theme Portal.”
If WordPress specifically says that using the tagline “the world’s best WordPress themes” is okay, it’s hard to show anything WP Engine has done as being unacceptable.
Edit, because I’m responding too fast or some nonsense: That’s an interesting point; but if that were true, Matt should have used that as his argument, after sending a polite letter first explaining that was going too far. This did not happen; and considering Matt was on their podcast and didn’t give a darn until lately, it appears to not be a real problem.
>All other WordPress-related businesses or projects can use the WordPress name and logo to refer to and explain their services, but they cannot use them as part of a product, project, service, domain name, or company name and they cannot use them in any way that suggests an affiliation with or endorsement by the WordPress Foundation or the WordPress open source project.
Thats covered by Nominative Fair Use. It's the same body of law that allows a repair shop to advertise that they are a "Volkswagen Repair Shop" (as long as there is no implication that they are officially endorsed by the car company).
You absolutely do have a right to use and sell GPL software. But you might be conflating your rights to the software with your rights to specific trademarked terms.
Consider the wording that Red Hat includes in their trademark policy:
“Nothing in these Guidelines is meant to limit your rights under the terms of a free and open source software license. Trademarks and copyright are different rights, so regardless of what rights or permissions you may or may not have to use the Red Hat Marks, you always have all your rights under any applicable free and open source software licenses.”
To my point, you also have nominative use to Disney and Microsoft marks. You could have a “Disney VHS repair shop” or a “Microsoft products technical support shop”.
I think we agree on this. I'm just trying to understand why you threw out the bizarre Disney/Outlook analogy. Neither of those are open source: I don't have a right to sell those for many, many legal reasons so your analogy is... weird.
Yet you used those analogies as some kind of clever "gotcha" against my legal argument of nominative fair use.
Do you want to try again? Why do you believe this trademark case is, or isn't, covered by nominative fair use? That's the core of the issue and is WPEngine's stated defence. It certainly seems like WPEngine have a strong argument.
Sure, you can use Disney, Microsoft, Volkswagen, and WordPress marks referentially.
You cannot name products or services “Essential Disney”, “Enterprise Outlook”, “The Volkswagen Experiance”, or “Enterprise WordPress”.
Your allowed nominative use and/or a software license does not give you a license to title your own services with their trademarks. My suggestion would be to read through the Red Hat, Fedora Project, or Mozilla trademark guidelines and/or the Debian-Mozilla dispute article.
Disagree. One of the criteria seems to be whether there is a reasonable substitute phrase or word to describe the product. I think we agree that there is no other word to describe the open-source package known as WordPress without using "WordPress".
What would you call your Wordpress hosting service if not "WordPress Hosting"? What would you call your Linux Hosting?
>Your allowed nominative use and/or a software license does not give you a license to title your own services with their trademarks.
Citation?
My understanding is that litmus test is whether the naming implies endorsement or "official-ness" of the offering. There is no hard and fast rule like you're claiming. It's all context dependent. So while a court may find that this causes confusion I don't see it as obvious like you seem to.
Your link, while interesting (thanks!) doesn't appear to be a good analogue. Based on my reading of that page:
Debian decided it couldn't use the Firefox logo because it didn't meet their standards for openness (as it was protected by copyright). So they included "Firefox" without the logo. Subsequently, Mozilla complained that they couldn't use the Firefox name without using all the branding in its entirety. And so... Debian rebranded Firefox (and other Mozilla software) to something else.
In other words, it was Debians policy that prevented them from using the logo, not Mozillas. That's not at all the same. And anyways, none of this was tried in court (thankfully) so it wouldn't be a precedent anyways.
The examples Red Hat gives as acceptable are likely similar wording to how you would offer WordPress hosting without titling your service merely “Enterprise WordPress”.
As for why you don’t receive trademark rights when you are granted a license to code:
“In addition to the license text, open source publishers commonly include statements separate from the license indicating that trademark rights are not provided.”
“One of the primal questions about trademarks in F/OSS projects is, absent a clause excluding a trademark grant, 'Do the open source software licenses imply a trademark license?' […] Given the large proportion of OSI-approved licenses that are either silent on trademarks, or prohibit only endorsement, advertising or other specific behaviors, and the number of software offerings that may be distributed under these licenses, the impact of an implied license would be far-reaching. With the caution that this has not been tested by the courts, the answer should be a clear 'no'. […] Although rights to the use, modification and redistribution of the code are granted under the F/OSS licenses, trademark rights are not provided inherently and often are expressly excluded as a point of clarification. […] The US courts have generally resisted opportunities to imply a trademark license.”
—Tiki Dare (Director of Trademarks and Marketing at Sun Microsystems, Inc.) and Harvey Anderson (General Counsel of the Mozilla Corporation), International Free and Open Source Software Law Review, doi:10.5033/ifosslr.v1i2.11
https://www.jolts.world/index.php/jolts/article/view/11/37
I'm not sure what specific point you're making here. The question at hand is how you *know* that the WPEngine usage is trademark infringement under the law. Nothing you've provided anywhere, at any time, supports that claim.
What you've linked here are the trademark owners wishes about how their marks be used. They are perfectly reasonable, sure. But they don't supersede the doctrine of fair use. That's the important bit. Do you understand that guidelines, requests or even contracts do not superceed the law?
Both your links are titled as "guidelines". Because that's all they are. They are guidelines as how the trademark owner wishes their marks to be used. If you violate the guidelines, you may or may not be in legal trouble but that's up to a court. Not Redhat.
From your Redhat link:
>In these Guidelines, we are not trying to limit the lawful use of our trademarks, including their “fair use,” but rather describe for you what we consider the parameters of lawful use to be. Trademark law can be ambiguous, so these Guidelines are meant to inform you about what we believe are acceptable uses.
And this:
>As for why you don’t receive trademark rights when you are granted a license to code:
This is wayy out of left field. Where did I suggest such a thing? I have no confusion whatsoever about the distinction between copyright and trademark. I'm not sure why you're bringing it up.
Listen, since I claimed the use is likely covered by Nominative Fair Use you've replied four different times and not once come close to properly articulating a legal argument as why you disagree. For that reason, I'm going to bow out of this conversation now. Cheers.
For the last time. The defence argued by WPE's lawyers in one of Nominative. Fair. Use. If your source doesn't address Nominative. Fair. Use. then it isn't a relevant counterpoint. Jesus, it's not complicated.
Only one of the three links you provided as a source even mentions it. And that mention is in the context of (paraphrase) "nothing here is intended to take away your fair use rights".
When you have anything that addresses the issue we've been discussing, I'll be happy to read it. Let me be clear. This isn't an open call to fire any and all articles about trademark in FOSS at me. If they don't address NFE. They aren't relevant. Period.
Please, please do a search and replace for "fair use" before responding with yet another link.
Now that that's out of the way. Here's an actual lawyer with commentary that is *directly on topic*:
Descriptive and nominative fair use
I am not a US trademark lawyer, but to my mind much of this ‘case’ falls to be considered by reference to the defences to infringement known as ‘descriptive fair use’ and ‘nominative fair use’ (nominative fair use being the more likely defence).
The International Trademark Association describes ‘descriptive fair use’ and ‘nominative fair use’ as follows:
“Descriptive fair use permits use of another’s trademark to describe the user’s products or services, rather than as a trademark to indicate the source of the goods or services. This usually is appropriate where the trademark concerned has a descriptive meaning in addition to its secondary meaning as a trademark. For example, WD-40 Company’s use of the term “inhibitor” was found to be descriptive fair use of the registered mark THE INHIBITOR when used to describe a long-term corrosion inhibitor (WD-40) product.
Nominative fair use permits use of another’s trademark to refer to the trademark owner’s goods and services associated with the mark. Nominative fair use generally is permissible as long as: (1) the product or service in question is not readily identifiable without use of the trademark; (2) only so much of the mark as is reasonably necessary to identify the product or service is used; and (3) use of the mark does not suggest sponsorship or endorsement by the trademark owner. For example, one could refer to “the professional basketball team from Chicago,” but it is simpler and more understandable to say the Chicago Bulls. Here, the trademark is used only to describe the thing rather than to identify its source, and does not imply sponsorship or endorsement. … .”
I have not seen the exhibits to Automattic/WooCommerce’s cease and desist letter and so cannot comment on all the circumstances in which the companies are asserting that WP Engine has infringed their trademarks or rights as exclusive licensee. However, as a long-time WP Engine customer who is therefore pretty familiar with WP Engine’s website and marketing, it strikes me that at least a good deal of WP Engine’s uses of the words ‘WordPress’, ‘WooCommerce’ and ‘Woo’ are descriptive/nominative in nature and therefore non-infringing. It is certainly not within Automattic/WooCommerce’s power to prevent all descriptive/nominative uses of those words by WP Engine. Context is key. And I do note that WPEngine says things like this on its website:
Who created WooCommerce?
WooCommerce is developed and supported by Automattic, the creators of WordPress.co and Jetpack. The plugin’s development teams also work with hundreds of independent contributors to provide regular updates, new features, and improved security measures that keep your store up-to-date and protected.
And when WP Engine talks about the likes of ‘WooCommerce hosting’ and that the ‘path to WooCommerce® success starts here’, the webpage states expressly in the footer that WooCommerce is a registered trademark of Automattic Inc.
Bonus link (it's more off the cuff and much less serious - but it will give you a feel for how a legal professional might see this case): https://www.twitch.tv/videos/2261286307
Not to mention his text messages. It's clear that if they were willing to pay, he was willing to not even mention them in his keynote. It looks quite clear that he wanted money and was willing to let everything slide if they got it.
(1) The WPE C&D is, in my opinion, sloppily written, full of equivocation/fallacious reasoning. The situation is not "clear". (2) We haven't heard Matt's explanation of the text messages. (3) The WordPress name was registered in 2006 by Matt's company Automattic. In 2010 it was generously (no good deed is unpunished) transferred to a 501(c)3 and Automattic was given a license to the mark (at least in WordPress.com). According to WPE themselves: "the payment ostensibly would be for a 'license' to use certain trademarks like WordPress, even though WP Engine needs no such license". That's a potentially disputed claim: they very well may need a license as they are (currently) possibly in violation of the (generous) trademark policy by advertising services they've titled "Essential WordPress", "Core WordPress", and "Enterprise WordPress". It's unwise to malign Matt publicly – a court will be sorting out the necessity of the license.
You don't end a trademark dispute with a blog post claiming a host utilizing a feature any sane host would utilize is a violation of some core tenant of WordPress.
You end it with lawyers talking to lawyers quietly.
I don't use WP Engine or WordPress, so I don't have a side in this fight.
As an outsider, that context seems a bit dubious to me.
@photomatt has tweeted [5135]: "[...] Please let me know if any employee faces firing or retaliation for speaking up about their company's participation (or lack thereof) in WordPress. We'll make sure it's a big public deal and that you get support. [...]"
If this was true, I would think that @photomatt's twitter feed would be loudly boosting this disgruntled employee's story of WP Engine-imposed limits and subsequent retaliation. Yet @photomatt's twitter feeds seems silent to me. This makes me skeptical of this context.
That, and the whole thing about Matt M going on a scathing rant about how bad WPEngine supposedly is[0], supposedly because they don't support WP page revision control as well as he'd like. Seems a bit over-the-top and breathless to me.
I figure the whole thing is a corporate whine-fest over who makes more money from actually hosting Wordpress sites.
Seems unlikely though? Matt wrote a post on the web, ie he had unlimited length available to him. If the dispute is over employee contributions, then he should have made that the focus of his complaint.
Automattic invested in WP Engine in the early days, why didn't they acquire it, or WP Engine didn't want to sell. But why did Matt choose the open source license that he chose, it seems like that at the end of the day he only cares for money and not the WordPress community.
He is throwing things around like: "it's tragedy of the commons", "they are evil capitalists" etc. etc. In another words he wants to "hijack" their market share as they supposedly "hijacked" WordPress' brand, logo or whatever.
I know it's not considered "contribution" in the sense that Matt was talking about, but WPEngine owns and maintains some of the most popular and powerful Wordpress plugins on the planet. I'm not sure why he chose to pick a fight with them. My best guess is that he wants Wordpress.com (hosting) to be what WPEngine became.
"I'm literally waiting for them to finish the raffle so my talk can start, I can make it just a Q&A about WP very easily"
If I were attending a conference I'd hope that the keynote speaker would put more thought into his talk than this. Not only is it childish, it's disrespectful to his audience.
some of the comments here are exceptionally biased towards the party that does the "open source washing".
just look at the childish way automattic acted. that's not a way to lead an organization or deal with your competition. you compete by building a better product, take legal action in an adult way if you think they are warranted and in general take the high road - not display your immaturity.
the conflict of interest around the governance of wordpress is icky on top. so he just puts on his "open source" hat to gain favour for his for-profit company?
As a software developer, I can understand the point Matt is making but it's sad to see him calling another competitor a "cancer" to the web. I like Wordpress and was inspired by it a lot but with many years hosting Wordpress sites for our customers, I find its plugin and theme architecture very vulnerable and often be the backdoors for hackers/scammers to launch attacks on servers hosting Wordpress sites. Whoever hosting Wordpress sites must do a good jobs securing their servers to prevent exploits through the Wordpress plugins and theming system. I dont know much about WP Engine but they should be credited for securing their massive Wordpress installations. In my opinion, Matt should focus more on fixing the weaknesses of Wordpress architecture than bashing his competitor, Wordpress is really a pain point to those providing hosting for it. We used to provide Wordpress hosting and did customize it as a website builder but due to its fragile architecture, we have decided to develop our own CMS system, with 3rd party plugin and theming system inspired by Wordpress but have built-in protection mechanism to prevent backdoors potentially exist in 3rd party code.
I'm just confused about the whole thing. Aren't WP hosts a dime a dozen? And if you don't like how they conduct their business, just set up one yourself. I set up one for a friend on AWS, and while it requires some tech savvy, it's not exactly hard for someone with basic tech literacy and ability to follow instructions.
When I read the title I was wondering "strange, wasn't Automattic the company behind wordpress? Who knows maybe they split and now they sued them for XYZ". Crazy.
Instead of going through all this, can't Automattic do like what most companies are doing now? Dual License (e.g., Redis, etc).
Does anyone know why WP engine doesn't actually support multiple post revisions by default? I worked with WordPress significantly quite a while ago and found it to be an absolute dumpster fire of a codebase. It wouldn't surprise me in the slightest if running a scalable WP host required tamping down on some things.
Revisions significantly bloat the size of the primary table (wp_posts) and secondary meta tables. Because WordPress's database architecture is hilariously simple and under-engineered, that bloat ends up slowing down every query.
So, to keep WordPress performant, you either need to regular prune wp_posts, or you need a continually beefier database instance to handle the installation.
Sane DevOps teams just limit revisions to something like "last 5" to keep things under control.
I love it! WP Engine showed its true colors. I also agree with Automattic, and I know customers who got tricked into using WP Engine and were later sorry for doing so! Sending C&D over this stuff is something that bans them for life in my book!
I sort of directionally think that if WPE had a strong case here, their opening bid wouldn't be a C&D (I've noticed C&Ds frequently include a "preserve documents" section, presumably as punctuation, but for what it's worth that's an implicit threat they might sue).
The meat of this C&D seems to be a section towards the middle where they describe Mullenweg's keynote speech. It makes, according to WPE, these claims (numbers mine):
1. Claiming that WP Engine is a company that just wants to “feed off” of the WordPress ecosystem without giving anything back.
2. Suggesting that WP Engine employees may be fired for speaking up, supporting Mr. Mullenweg, or supporting WordPress, and offering to provide support in finding them new jobs if that were to occur.
3. Stating that every WP Engine customer should watch his speech and then not renew their contracts with WP Engine when those contracts are up for renewal.
4. Claiming that if current WP Engine customers switch to a different host they “might get faster performance.”
5. Alleging that WP Engine is “misus[ing] the trademark” including by using “WP” in its name.
6. Claiming that WP Engine’s investor doesn’t “give a dang” about Open Source ideals.
Under a US defamation analysis, claims (1), (3), and (6) appear to be statements of opinion. Statements of opinion, even when persuasively worded and authoritative, are generally not actionable as defamation. It might depend on the wording; in corner cases, an opinion can be actionable if it directly implies a conclusion made from facts known to the speaker and not disclosed to the audience --- but the facts involved have to be specific, you can't just imagine that I've implied I have secret facts (or my audience expects me to) because I'm Matt Mullenweg.
Claim (4) seems like it's probably just a fact? Is WPE assuredly the fastest possible provider at any given price point? The "might" also seems pretty important there.
That leaves (5) the allegation about the trademark dispute, which doesn't sound like an especially promising avenue for a lawsuit, but who knows? and (2) the bit about employee and former employee reprisals. The thing about (2) is if there's a single example of a disgruntled WPE employee who thinks they missed a promotion because they stuck up for the WordPress Foundation or whatever, WPE might have a hard time using that claim.
You'd think that before WordPress/Automattic started directly demanding funds from the board of WPE, they probably had some kind of counsel review this stuff and figure out what they could and couldn't safely say?
Maybe there's tortious interference stuff here that gives these claims more teeth than a typical defamation suit (I've come to roll my eyes at tortious interference, too; unless you're alleging really specific fact patterns I've come to assume these interference claims are also a sort of C&D "punctuation").
This is one of those times where I'm saying a lot of stuff in the hopes that someone much more knowledgeable will set me straight. :)