Related article on TechCrunch: https://techcrunch.com/2024/09/22/matt-mullenweg-calls-wp-en...
I sort of directionally think that if WPE had a strong case here, their opening bid wouldn't be a C&D (I've noticed C&Ds frequently include a "preserve documents" section, presumably as punctuation, but for what it's worth that's an implicit threat they might sue).
The meat of this C&D seems to be a section towards the middle where they describe Mullenweg's keynote speech. It makes, according to WPE, these claims (numbers mine):
1. Claiming that WP Engine is a company that just wants to “feed off” of the WordPress ecosystem without giving anything back.
2. Suggesting that WP Engine employees may be fired for speaking up, supporting Mr. Mullenweg, or supporting WordPress, and offering to provide support in finding them new jobs if that were to occur.
3. Stating that every WP Engine customer should watch his speech and then not renew their contracts with WP Engine when those contracts are up for renewal.
4. Claiming that if current WP Engine customers switch to a different host they “might get faster performance.”
5. Alleging that WP Engine is “misus[ing] the trademark” including by using “WP” in its name.
6. Claiming that WP Engine’s investor doesn’t “give a dang” about Open Source ideals.
Under a US defamation analysis, claims (1), (3), and (6) appear to be statements of opinion. Statements of opinion, even when persuasively worded and authoritative, are generally not actionable as defamation. It might depend on the wording; in corner cases, an opinion can be actionable if it directly implies a conclusion made from facts known to the speaker and not disclosed to the audience --- but the facts involved have to be specific, you can't just imagine that I've implied I have secret facts (or my audience expects me to) because I'm Matt Mullenweg.
Claim (4) seems like it's probably just a fact? Is WPE assuredly the fastest possible provider at any given price point? The "might" also seems pretty important there.
That leaves (5) the allegation about the trademark dispute, which doesn't sound like an especially promising avenue for a lawsuit, but who knows? and (2) the bit about employee and former employee reprisals. The thing about (2) is if there's a single example of a disgruntled WPE employee who thinks they missed a promotion because they stuck up for the WordPress Foundation or whatever, WPE might have a hard time using that claim.
You'd think that before WordPress/Automattic started directly demanding funds from the board of WPE, they probably had some kind of counsel review this stuff and figure out what they could and couldn't safely say?
Maybe there's tortious interference stuff here that gives these claims more teeth than a typical defamation suit (I've come to roll my eyes at tortious interference, too; unless you're alleging really specific fact patterns I've come to assume these interference claims are also a sort of C&D "punctuation").
This is one of those times where I'm saying a lot of stuff in the hopes that someone much more knowledgeable will set me straight. :)
Alexa, order ten cases of popcorn...
For example, if I have a WordPress site I've built from scratch out of WordPress.org, I am just going to assume trying to put it on WordPress.com will be annoying (and possibly even impossible?), because of issues with themes or plugins or whatever due to the fact that WordPress.com is a separate, hosted SaaS-style CMS, and not a hosting environment for WordPress sites.
WPE, by contrast, is Just Another Webhost to me, with some special bells and whistles for WordPress.
I was under the assumption that WordPress is OSS, and WPEngine is running this software on their platform, so there was an update to this software, contributed by Automattic developers which included a banner denouncing WPE, and the WPE people decided to just deploy that update to their platform?
I don't think that means they "put the banner on their instance" does it? If they are unhappy with the management of the open source software they are using on their platform they presumably could fork it, or decide to not deploy the version that includes this banner, no?
They are pretty clear they will go after them for torturous interference, unfair competition, etc.
California's UCL is much broader than you may think here - it is consistently interpreted very broadly by california courts, and has fairly low requirements (IE fraudulent business practices under the UCL do not have meet the same requirements as fraud)
The diminished standard of intent and the fact that a mere advertisement can trigger liability in some states makes UCL/CFA extremely powerful in some cases.
The letter in entirety is a warning of potential legal action. That is the next action if the other party neither ceases or desists.
Maybe this is normal, but we're glorified animals trying to find justice out of a made up process. It's arbitrary, hence arbitration. Not a lawyer either. You probably know more terminology than I do; I just deal with them a lot :/
edit: I think it's a little strange to be placing judgements at this stage. We'll hear the facts if this goes to court. There's enough to know several are upset. Another consideration: by placing the numbers you're kind of trying to make their argument. Why? Let them.
That’s what they’re talking about preserving.
> I sort of directionally think that if WPE had a strong case here, their opening bid wouldn't be a C&D
I believe, as a non lawyer, in some places to be able to sue for defamation you must first contact the defamer and demand they take it down.
I have no idea and no opinion if there is a case. If there is a case a C&D might be a necessary step.
Creating a track record/evidence. Or the opportunity. My only practical experience is trying to get a restraining order. It's harder than you might think. Legal system demands work to work.
But dang is not theirs to give!
This is the big one to me, actually. If Matt used the announcement feature in the WP.org codebase to place an announcement in WPEngine customers consoles telling them they should not support WPEngine, but instead his for-profit competitor, WP.com, it's pretty hard to argue that that is anything but tortious interference.
Also, I see no way how this going forward even in front of courts could end up with wp engine replacing WordPress.com.
Just "lol", it's really funny line when taking into consideration all the years how he manages WP, cares about direction it moves, fosters and cares about OSS, directs funds and all of other countless things AND putting on the other chalk some WP hosting which happened to grow for one reason or another and is contributing peanuts compared to what it gains from the WP. No, he still has a lot of credibility.
Sure, the license allows them to do whatever they want, but there's nothing wrong with publicizing that they don't give much in return. With over $400M ARR, thats something they could easily resolve.
In all seriousness, if this whole thing is about some false marketing claim from WPE, then call them out specifically on that in a tweet or something. Why does it deserve the "scorched earth nuclear approach", which equates to blackmailing them into giving you millions to prevent you from disparaging them in all media outlets? The claims Matt made go far beyond WPE not contributing to WP development as much as they say they do.
This corporate mudslinging paints WP.com in a much worse light than WPE. IANAL but I think there's a case here for a defamation lawsuit at the very least, if not for outright blackmailing.
No?
If you don't want people to use your stuff, don't give it away for free.
> there's nothing wrong with publicizing that they don't give much in return
That would be the case IF giving back was part of the deal which they are therefore reneging on. It was not. You are in the wrong.
I read the comments from Matt M yesterday, and it felt like a hit piece.
I run a website for a couple scifi like conventions, we need cheap reliable hosting without me having to deal with the vagaries of running wordpress myself.
I would have bought a product like WP Engine directly from Automattic, but AFAIK they dont offer one, this feels like lashing out at a competitor because they failed to enter a market segment, and now feel their lunch is being ate.
I ran websites for a long time without any version control, and would have no problem doing it again, the benefit of WordPress is the semi-WYSIWYG editor and the plugin ecosystem.
I can't speak to the reliability, but it's definitely not cheap
We shouldn't overrate a lot of those features, because I think they were pretty obvious things to want. But WPEngine was, afaik, the first to market with all of the above in a pretty-cheap and seamless package.
Like Wordpress.com in hindsight seems to offer it, but its not clear to me that I'm their customer target.
You definitely were ripped off.
In my experience, WordPress itself could be called a Cancer to the Web.
The amount of new clients I've picked up who needed help rescuing broken and malware ridden WordPress sites is... well, it's more than I'd like as I really do not enjoy WordPress LOL
We had 2 developers, a PM, 20-30 content writers and $5B ARR. Websites were strictly for marketing/leadgen. Even when we switched to building a static site, we still had our content editors write markdown in WordPress because it was easier to do that and pull all of the content from the database on deploy than train them.
The absolute worst part of being a WP Engine customer was being on Linode and the yearly Christmas Eve DDOS.
No that’s on the various design agencies that sell “custom websites” and instead they just slap together a 59$ theme and a dozen plug-ins. Most customers don’t know shit about the web and they just trust the agency to do a professional job. And in my 10+ years of experience as a freelancer I’ve seen plenty of agencies taking advantage of clients.
So they weren't web sites but spam.
What I'm curious about though is if your former workplace still exists or is now AI generating the spam...
Please tell me that these 30 people weren't the full company generating $5B in annually recurring revenue?
me neither but it pays; when we get called, bad things already happened, so it's always an emergency which means we can ask for 400-500$/hr to fix it. And there are so many bad wp sites that we can retire on that alone. But let me tell you about OpenCart, Drupal, etc which also are all lovely targets and more niche so higher hourlies!
As someone with a formal verification and static typing background, it is the most terrible crap there is, but it is very good business.
May I ask how you find this kind of work? The kinds of orgs with hacked/broken/incompetently-run WP installs don’t tend to be the type of orgs you’d find via professional networking, but by going through the dregs of Craigslist’s gigs pages, no?
For example, I notice that most of the automated "attacks" on my server are WordPress related. Is its defect rate significantly higher than other systems', or is it just that if you're going fishing you should bait for the most common fish? PHP and Apache come up a lot too.
“WordPress takes care of 80-90% of the mechanics of Search Engine Optimization (SEO)”
Agencies really latched onto that!
SEO was the new hotness.
An industry was then built around WordPress.
Clients would hear that it was the best at SEO, and they wanted a CMS they could update themselves.
Agencies could churn out variations of the same WordPress site and plugin stack, and then charge clients for ongoing hosting and maintenance fees to keep it updated.
Then there are all the plugins that get added depending on the whims of the 'developer' at the time.
The WordPress website then languishes when the agency or dev vanishes, WordPress gets hacked, and the client gets charged again.
The WP GUI builder plugins are a whole separate hellscape all to themselves!
So because the majority of users are not savvy, it's become a cesspool. Then you read about it on a tech forum like HN and it is derided as an inferior product rather than allowing improper use by the user/operator.
Its quality is astonishingly bad. It was clearly developed by someone who didn't even have a basic understanding of relational databases. Unless something has changed, plugins and themes can run arbitrary PHP on the server.
Anything ubiquitous is going to be hated. I agree. But WordPress is bad from a fundamentals perspective.
I don't particularly love PHP, but you don't need to touch it if you don't try to write any plugins. Yes, some of its practices are pretty wacky, like every plugin has full access to the filesystem and database to do basically anything, and the system expects to be able to update code files in place from web requests, but meh, just give it it's own $5 server and let it do its thing, and definitely be very careful which plugins you use and how you get them.
What you get in return for this is a perfectly fine CMS that anyone with basic computer skills can run. Yeah, static site generators are cool and all that from a tech expert's perspective, but nobody who isn't a tech expert can actually do anything with them, and oh, by the way, the ability to make any changes at all typically involves at the very least SSH access to the host server with full write permissions.
Instead of WordPress, what solutions do you use?
Wix, Squarespace, Webflow, Webnode and other wysiwyg ones are even worse imho.
Are there any non-Nodejs or non-React open source CMS that don’t vendor lock you?
Because I feel that WP somehow sucks in details and maintenance, but I can’t find anything comparable without being sucked into development hell. :)
Thanks for suggestions.
What "broken and malware ridden WordPress site" typically means is "customer installed a bunch of random plugins from random sites written by teenagers or bozos who don't know what they're doing". And yes, that can screw things up, but that's not really WordPress's fault IMHO.
Maybe it can do more to protect users from this; I don't know. But obviously the plugin ecosystem is a hugely important part of the WordPress platform and you can't just lock that down technically. Just make sure you only install plugins from authors who aren't teenagers or bozos.
I'll add that personally I don't especially like WordPress for various reasons. But at the same time I don't think this is really a fair criticism.
Which means, if we want to kill WordPress, we need to offer a better solution. Not just for WordPress, but a coherent system that also reimplements the top hundred or so plugins.
If anyone wants to join me rewriting it in Laravel so we could add a WSL-like layer for WordPress cancer plugins… I don’t know. I wish someone would have the conversation. I don’t even care whether it’s Rust.
And a solution for which a typical non-tech business can ask around their family/friends/employees and find someone who's experienced enough to come in for a few hours out a few hours a week to to typical CMS admin/editorial stuff. And for which there are heaps of easy to find tutorials and youtube videos which can get someone up to speed enough to keep their own site running, while still spending 95+% of their time making widgets or selling trinkets or whatever their actual business is.
I'm not _that_ much of a fan of WordPress, but WordPress on WPEngine is 100% my initial recommendation for anyone asking about how to run their business website.
(I'd be curious to see a Rust backend API replacement for the WP + top 100 plugins that uses the standard html/frontend, to have the type safety and security Rust is famed for, while being identical in use to WordPress so all the people currently admin-ing WP site wouldn't have to even know it's different. But not curious enough to expend any effort to make it. )
I wrote a WYSIWYG CMS for Laravel called Prodigy that I really enjoy but it hasn’t gotten much market pick up.
There’s definitely some thinking in this area on how to move WP users toward Laravel.
Except they don't. A static website would work for 99.9% of all businesses and could be hosted on a potato.
The problem is that marketing wants a website that "Doesn't look embarassing and has 5 nines uptime."
Translation: "Marketing wants a website that looks completely like our competitors(because reasons)! But make it completely different (because reasons)! And make sure it's on AWS (because reasons)!"
Response from IT: "Our website results in zero revenue to the company and is a gigantic security problem and spam magnet. And because marketing is involved it's also a headache of a political football. Here's the WP Engine credentials. Now fuck off."
A PHP version is vulnerable. If you upgrade it, some plugin breaks. If you manually upgrade the offending plugin, the pesky developer now wants a subscription. Just a nono. I build on Hugo.
Once we installed a few security plugins, it worked out just fine!
It's a new stack, but it's pretty revolutionary foundation, and as we get some good templates and imrpove the UX, I think it should bring a lot of joy to people who currently suffer with wordpress. It's all open source/public domain. Having started my programming career in Wordpress ~17 years ago, I have been able to take my favorite parts from it and get rid of all the annoying parts (like requiring a database, php/javascript hybrid, etc).
Let's say you were distributing a browser, let's call it Firefox. You might have a corporation and a nonprofit and call them the Mozilla Corporation and the Mozilla Foundation.
Maybe in this scenario you would allow certain commercial uses of your registered trademarks so that the software could be distributed by others. Parameters in this policy might only allow the commercial use of the trademarks in certain ways, enabling others to advertise their product like "Grammarly for Firefox" or even their service "Download Firefox from CNET" without infringement. But these parameters would go on to disallow one from using the terms in a way that implied a direct connection to the Mozilla Foundation or caused confusion with regards to the root product such as advertising your site, CNET, as "The Firefox Store".
Then let's say someone renamed their CNET site FFXSource. And then advertised themselves as "The Most Trusted Firefox Tech Company" and that their download was "The most trusted Firefox build". They might be told this violated the terms that don't allow implying official connection to the wider project. (And then let's say the download they were offering had the browser History pane feature stripped out.)
In this scenario, it seems it would be the duty of the trademark owner, the Foundation, to seek that FFXSource either come into compliance or, to continue use that exceeded the blanket guidelines, to acquire a dedicated, more-expansive commercial license. (Of course none of my thoughts on this are legal advice.)
This is addressed on page 5, where they quote the trademark policy[0], which until a few days ago said: "The abbreviation 'WP' is not covered by the WordPress trademarks and you are free to use it in any way you see fit".
The current policy[1] has since been modified to specifically mention WP Engine and make seemingly irrelevant accusations towards them, but it still retains the part about "WP" not being covered by their trademarks.
> And then advertised themselves as "The Most Trusted Firefox Tech Company" and that their download was "The most trusted Firefox build".
Using that sort of phrasing would clearly be misleading and looks like it would have been disallowed by the trademark policy, but is that what WP Engine actually did?
[0] https://web.archive.org/web/20240912061820/https://wordpress...
[0] https://www.redhat.com/en/about/trademark-guidelines-and-pol...
[1] http://modeltrademarkguidelines.org/index.php/Model_Trademar...
Weaponizing the trademark that's more strongly associated with the software itself than the company Wordpress is a pretty low blow. WP Engine is hosting Wordpress, full-stop. There's maybe a discussion to have about when modifications constitute a fork that warrants a different name but we're about as far away from that as you can be.
I honestly don't know why Matt cares. His competitor is owned by PE, just wait for them to eat the business and offer a one-click migration. Play the long game.
WP Engine is not WordPress
...a business related to WordPress themes can describe itself as “XYZ Themes, the world’s best WordPress themes,” but cannot call itself “The WordPress Theme Portal.”
It sounds like "[the] Most Trusted WordPress Hosting and Beyond" would be allowed.
https://en.m.wikipedia.org/wiki/Nominative_use
[Ianal]
> but they cannot use them as part of a product
I mean, just go to wpengine.com and look at the first menu item: Products --> WordPress Hosting.
WordPress, out of the box, if you throw even a portion of traffic that you would expect form a large media site at it, will fall over.
We modified WordPress, took advantage of all the hooks, basically rewrote the post authoring and search system and introduced caching and databases on top of the default MySQL, such as ElasticSearch for content storage and searching content. We also had a network level CDN in front of it at all times.
By the end of it all, what we had was not fully WordPress anymore.
You'll find that alot of organisations doing WordPress are doing similar things.
Is there significant additional context? Having looked at Matt's comments in the speech I'm not seeing any actual substance of what's wrong with WP Engine.
A. He accuses “WP Engine” for being confusing branding. He literally owns WordPress.com; which confuses tens of thousands of people on a daily basis. (“Are you on the WordPress login page?” “I swear that I am!”)
B. He complains about the post revisions not being limitless. But until recently, WordPress.com had a limit of 25.
C. If post revisions matter, surely plugins matter, right? WordPress.com requires going up two tiers to use any unapproved plugins.
D. Matt was an investor in WP Engine, and even appeared on their podcast last year, even though this revisions system limitation has been in place for a decade?
E. This is the same Matt who wrote the WordPress Bill of Rights, complete with specifically saying “The freedom to run the program, for any purpose” and “The freedom to study how the program works, and change it to make it do what you wish.”
F. The same Matt who wrote in the WordPress trademark policy that “WP” is not a WordPress trademark and anyone may use it however they wish?
G. The same Matt who forked B2, and if B2 was still around, would be quite vulnerable to B2 potentially complaining about Matt’s lack of contribution to them?
It goes on. I hate to say it, but every sign points to Matt being a hypocrite. Even an extortionist.
Edit: To your first point, Automattic, who originally registered the trademark, apparently has a license from the trademark owner (the Foundation) to use the mark (at least for that domain). https://wordpress.org/book/2015/11/the-wordpress-foundation/ WP Engine, by their own admission, does not have a license. It also seems odd to call Matt perverse in what seems to be a trademark dispute without any acknowledgment that he is the inventor of the software, as such the founder of the community, that his friend Christine Tremoulet coined the name, and that his company originally registered the trademark.
As an outsider, that context seems a bit dubious to me.
@photomatt has tweeted [5135]: "[...] Please let me know if any employee faces firing or retaliation for speaking up about their company's participation (or lack thereof) in WordPress. We'll make sure it's a big public deal and that you get support. [...]"
If this was true, I would think that @photomatt's twitter feed would be loudly boosting this disgruntled employee's story of WP Engine-imposed limits and subsequent retaliation. Yet @photomatt's twitter feeds seems silent to me. This makes me skeptical of this context.
I figure the whole thing is a corporate whine-fest over who makes more money from actually hosting Wordpress sites.
https://old.reddit.com/r/Wordpress/comments/1fofdpy/wp_taver...
https://wptavern.com/matt-mullenweg-identifies-godaddy-as-a-...
.. interesting how the phrasing is repeating ("cancer" today) -- calling a competitor a "parasitic company" in 2022.
There has to be a more intelligent descriptor for competitors to WordPress.com ?
If I were attending a conference I'd hope that the keynote speaker would put more thought into his talk than this. Not only is it childish, it's disrespectful to his audience.
just look at the childish way automattic acted. that's not a way to lead an organization or deal with your competition. you compete by building a better product, take legal action in an adult way if you think they are warranted and in general take the high road - not display your immaturity.
the conflict of interest around the governance of wordpress is icky on top. so he just puts on his "open source" hat to gain favour for his for-profit company?
https://automattic.com/2024/09/25/open-source-trademarks-wp-...
The receipts in the C&D don't leave one with a positive impression of Matt.
I'll wait for Matt's response, but I can't imagine it's anything more than "well, we deserve the money I was demanding!"
Instead of going through all this, can't Automattic do like what most companies are doing now? Dual License (e.g., Redis, etc).
So, to keep WordPress performant, you either need to regular prune wp_posts, or you need a continually beefier database instance to handle the installation.
Sane DevOps teams just limit revisions to something like "last 5" to keep things under control.
