Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Courts Technology

WP Engine Sues WordPress for Libel, Extortion 49

WP Engine, a major web hosting provider, has filed a federal lawsuit against WordPress [PDF] co-founder Matt Mullenweg and Automattic, alleging libel and attempted extortion. The suit stems from a public dispute over WordPress trademark usage and open-source licensing.

WP Engine, which hosts over 200,000 websites, accuses Mullenweg and Automattic of "abuse of power, extortion, and greed." The conflict escalated after Mullenweg called WP Engine a "cancer to WordPress" on his blog, prompting a cease-and-desist letter. Automattic subsequently demanded 8% of WP Engine's monthly revenue as royalties for alleged trademark infringement. The lawsuit includes 11 complaints, ranging from slander to violations of the Computer Fraud and Abuse Act.
This discussion has been archived. No new comments can be posted.

WP Engine Sues WordPress for Libel, Extortion

Comments Filter:
  • Third opinion (Score:4, Insightful)

    by CEC-P ( 10248912 ) on Thursday October 03, 2024 @09:06AM (#64836741)
    As a former web UI designer and web developer, I hate them both. They're garbage and a complete and utter stain on the internet. They make generic garbage websites and let unqualified people run the whole website project into the ground while getting their email accounts hacked to send out phishing scams. You know, instead of hiring a professional web design firm to do it, who probably also is some dumb 20 year old with no college degree who also uses wordpress and thinks scaling an image while changing the aspect ratio is just fine and doesn't know what JPG encoding levels even is.
    • Re: (Score:2, Informative)

      by drinkypoo ( 153816 )

      I'm going to join in with you here and at least one of us will be downmodded, probably me. Even without adding questionable addons, Wordpress is a security shitshow. For example, there have been numerous SQL injection and XSS vulnerabilities in the WP core.

      Cites: https://patchstack.com/databas... [patchstack.com]

      • That link doesn't provide the support for your argument that you claim.

        A casual look at it shows that WP plugins are a security shitshow.

        It's true that WP has had its share of security issues in the past, but I think that recently, it has been much better.

        • One of the things wp engine does is monitor for plugins with vulnerabilities and automatically disables blacklisted ones with issues. As to why this couldn't be done by core WordPress..it's a laissez-faire attitude. Unfortunately expecting a bunch of amateur web admins to implement security best practices is what led us to this understanding WP is a security shit show.
        • That link doesn't provide the support for your argument that you claim.

          Tell us you couldn't figure out how to operate the site without telling us.

          A casual look at it shows that WP plugins are a security shitshow.

          You have to click twice to see only core vulnerabilities. HTH, HAND.

      • For some reason there are literally always people with modpoints who reliably defend WP against "attacks", AKA sharing facts about it.

        I can only conclude that they are not only WP devs, but also personally responsible for it being trash software.

        What's weird to me is that it is among the least secure CMSes, even though it is arguably the most popular CMS. The conventional wisdom is that many eyes improve security, but there must be something at WordPress which prevents that from occurring.

        Drupal used to hav

      • by Revek ( 133289 )
        I don't disagree but you have to consider the reason why wordpress gets compromised so much is because of its popularity. No one is trying to hack some fringe framework.
        • Drupal is the basis for over 50% of the government websites in the world. You think nobody is attacking those?

          • I work as a SOC Analyst, some of our alerts are from web vulnerability scans that are occurring. I can say with certainty, even from my own websites, that the majority of them are either out to get something written in Java or Wordpress, doing code injection or scanning for common files found in Wordpress. On my personal sites, I see scans looking for the Wordpress admin or plugins even though I don't use Wordpress at all for most of them.

            I'm 99% certain that these vulnerability scans are 100% automated,
    • by cstacy ( 534252 )

      scaling an image while changing the aspect ratio is just fine and doesn't know what JPG encoding levels even is.

      How you even know you got JPG encoding levels, kid?

      a childhood memory [youtube.com]

    • Welcome to modern IT. There is such a huge demand for software (and I loosely include websites as software) - there just aren't enough competent IT people to produce it all. There is the flip-side as well: what top-notch IT person wants to produce endless crappy websites? Hence, you get tools like WordPress that let marginally competent people produce stuff.

      Why WordPress a mess? It is designed to let basically anyone do basically anything, either directly, or with any of a zillion plugins. There is no way

      • There is no solution to this problem. It is just inevitable...

        I'm presuming the KISS principle isn't an option? We have to have the most convoluted, jazz-fangled software/web sites imaginable.

        This is like people complaining the touchscreens in their vehicles are a pain to use. Apparently there's no way to correct this situation.
      • by unrtst ( 777550 )

        there just aren't enough competent IT people to produce it all.

        Oh, there are enough of them. There just aren't enough competent IT people WILLING to produce all that garbage for next to nothing.

        What I used to think was unacceptably awful output from MS FrontPage would look lightweight and clean compared to most of those WP sites (where you must consider both the backend code, frontend, and the javascript in the middle). I wouldn't go so far as to say that such things have a right place and right time, but there's certainly a market for it.

      • Why exactly would you not want a tool, that it lets marginally qualified people, make websites?

        You are not making any sense.

    • "'scaling an image while changing the aspect ratio is just fine and doesn't know what JPG encoding levels even is."

      Um, I've known all that since around 1995. I'm not an expert, no college, no training except my own self-taught.

      So the experts, professionals, for so long, were designing web pages more than 18700 pixels tall, when common monitors were 800x600, and 1024 monitors were pricey and uncommon. Forcing most visitors to scroll to see the SUBMIT button just to accept the TOS/EULA agreements and actually

    • by jonadab ( 583620 )
      Eh, I'm not a huge fan of WordPress either, but at least its output can be meaningfully styled with CSS, and can reflow reasonably when the browser window is a different width. The real cancer in web design is those horrible PrintShop-esque prefab website services (Wix, SquareSpace, etc.)
    • Re:Third opinion (Score:4, Insightful)

      by mysidia ( 191772 ) on Thursday October 03, 2024 @10:57AM (#64836955)

      As a former web UI designer and web developer, I hate them both.

      Wordpress solves a problem. So unless you have a better solution to that problem which is not massively more expensive (such as requiring people familiar with handcoding HTML, CSS, and JS to build websites), and is not massively more limited (Such as not capable of doing what wordpress can do to the same extent with the same ease for its userbase): The existence of Wordpress is a net positive for the internet as it makes things better for Wordpress' users, and the visitors to their websites.

      • Wordpress solves a problem. So unless you have a better solution to that problem which is not massively more expensive (such as requiring people familiar with handcoding HTML, CSS, and JS to build websites), and is not massively more limited

        It is called Drupal.

        They have had far fewer vulnerabilities in the core, and in the popular modules. Today this is in large part because it is based on the Symfony framework, so they don't have to do that part.

        The existence of Wordpress is a net positive for the internet

        False. If it didn't exist, most of the people who use it would use Drupal, which is more secure.

        • Sorry but no. Having used both, one is a single click away, the other requires actual knowledge. They are not the same. There are many people who rely on Wordpress. Heck even me as a tech head could setup Wordpress on my hosting provider *LITERALLY* with a single click, but Drupal would be far more complex.

          • Sorry but no. Having used both, one is a single click away, the other requires actual knowledge. They are not the same.

            You do not need to know shit, because if you do not know shit, you just go to a hosting provider who does the installs for you like most of them do.

            Heck even me as a tech head could setup Wordpress on my hosting provider *LITERALLY* with a single click, but Drupal would be far more complex.

            Me as a tech head could set up Drupal on my hosting provider *LITERALLY* with a single click. They have a facility for that. Are you new?

        • Drupal is so much less friendly that if it was the most used platform, there Web would be significantly smaller (a net negative). Now, if you think a smaller web would be beneficial, how can I argue?

        • by mysidia ( 191772 )

          It is called Drupal.

          They have had far fewer vulnerabilities in the core, and in the popular modules.

          It seems that Drupal is not actually an alternative to Wordpress for the basic problem of providing an easily installable system with an intuitive User-friendly UI for non-technical users to build and deploy blogs and simple websites.

          I would point out that Wordpress came to fruition years after Drupal released. If Drupal had solved the problem, then people would likely have already been using Drupal

          • I've never used Drupal, but I imagine it still boils down to the tech skills of the user. Are there virus scans on plugins like the Google App store? Do plugins run in containers and talk to each other through APIs? That's more or less how Android works (At least GrapheneOS). Since none of those are true, there are still chances you can get a faulty website. Is it more common with Wordpress? yes, because of people's tech skills, but it's entirely possible to completely secure a Wordpress site. Wordpress.org
  • Seriously, this isn't as fundamental an argument as, say, SCO v Linux or the Java/Javascript trademark issue, or even deno v node. It doesn't need the daily attention on /. that the mods seem to be giving it.

    • You want more AI stories I suppose? Count your lucky stars that we still get some non-AI non-Apple/Google/Meta/Amazon stories
    • It doesn't need the daily attention on /. that the mods seem to be giving it.

      At the core is an issue of a potential GPL violation. This story qualifies more for this audience (or at least this audience with a sub 7 digit UID) than most of the drivel posted here these days.

      But further down is a story of Paypal making a transaction with a stable coin (whooopediefuckingdoo) if that tickles your loins more.

  • because one dude didn't like that a completely separate company wasn't enabling version control in its customers' web pages

    JFC. How about you just make a marketing campaign that *your* company is superior because it has versioning? Rather than get into a pointless legal battle?

  • by DeplorableCodeMonkey ( 4828467 ) on Thursday October 03, 2024 @11:58AM (#64837095)

    WordPress.com is a commercial entity. WordPress.org is a non-profit. Both of them are run by the same guy, Matt Mullenweg. From the outside, it does not appear that there is a meaningful separation to prevent a conflict of interest like this where the .org is being used as a weapon to defend the .com side.

    IANAL, but Mullenweg could be starting to crack open Pandora's Box for his side by weaponizing a non-profit to materially benefit a for-profit entity he owns a substantial share in and runs.

    To my knowledge, WP Engine is not accused of any sort of GPL violation. Literally their whole "evilnness" is being too competitive at hosting services without contributing what Mullenweg thinks is "their fair share."

    I would be very curious to know if Mullenweg has the kind of legal team that can look at the situation holistically and tell him if he's truly safe or inviting a bloodbath from state and federal regulators over misuse of the non-profit.

    • To my knowledge, WP Engine is not accused of any sort of GPL violation.

      Correct, he's accused of trademark dilutement, by offering a locked down product based on the original code. That was the complaint. Go read it, we've only run multiple slashdot stories on it so far.

      and tell him if he's truly safe or inviting a bloodbath from state and federal regulators over misuse of the non-profit.

      There is nothing about being a non-profit that prevents you also running a for profit entity in the same line of business. This is something they've been doing for 20 years now, they'll be fine on this front.

      • The WPEngine trademark has been in use for like 10 years. They never enforced the trademark before on them. As far as I'm concerned, WordPress has failed to protect the 'WP' as a mark and have lost that. They better be careful, because they might also loose the Wordpress mark too if it's shown they did not aggressively protect that one either. IANAL.. just my 2 cents. Remember these all use to be trademarks: Aspirin, Escalator, Thermos, Yo-Yo, Zipper, Videotape, Trampoline
        • That's not the point being made. They aren't going after WP Engine because they use WP in the name at all. They are going after them for the recent practices of offering a restricted product claiming to be Wordpress.

          Wordpress actively allows the use of their name on services that provide their product.

          Think of it this way: A car dealership has been selling Fords for a decade. Suddenly they decide to sell Fords but with 2 of the cylinders removed from each engine. It's no longer the original Ford product. Ju

  • Between the security issues in the core and the security issues in the endless plugins, wordpress is garbage. Our Marketing group uses outside help for the web site and they demand wordpress. I run it at a hosting provider I don't care about and the website stands completely alone in the world. I keep that toxic garbage as far from everything else as possible, just a matter of time before compromise.

/earth: file system full.

Working...