In a feud that’s sending shockwaves through the WordPress community, website owners, developers, and agencies are caught in the middle of a high-stakes standoff between WordPress and one of its leading managed hosting providers, WP Engine. What began as a disagreement over licensing and user experience has quickly turned into a conflict with real consequences for the security and maintenance of thousands of websites.
Our own Director of Client Services, Caitlin Ordy had the chance to sit down with Head of Web & Digital, Vini Siqueria, who recently joined us from our Irish acquisition, to unpack the details of this ongoing battle. With websites potentially hanging in the balance and industry professionals scrambling to protect their clients, we’re taking a deep dive into what this conflict really means for your website—and how to navigate the challenges ahead.
The Core of the Conflict
At the heart of this dispute is a disagreement over control and how WordPress is used on managed hosting platforms. Automattic, led by Matt Mullenweg, has accused WP Engine of deploying tools that bypass WordPress’s own solutions, thereby circumventing certain elements of the open-source ethos.
The conflict escalated when Automattic alleged that WP Engine was using its influence as a host to offer a modified experience of WordPress that steered users away from default tools, especially within the admin interface. This, according to Automattic, undermines the flexibility and open-source nature that WordPress promotes. Automattic is pushing for WP Engine to stop practices it sees as problematic for WordPress’s ecosystem.
WP Engine, however, argues that they’re providing a streamlined and enhanced WordPress experience, one that is aligned with the General Public License (GPL) under which WordPress operates. WP Engine has also emphasized that they are not restricting users’ control or altering WordPress in any way that breaches open-source principles. They’ve recently responded by deploying their own solution to ensure that their customers can still receive critical updates.
The Impact on Websites
As of early October 2024, Automattic has limited WP Engine’s access to certain WordPress.org resources, including key updates. In response, WP Engine launched a new system, independent of the standard WordPress.org update mechanism, allowing WP Engine customers to continue receiving essential updates for their WordPress core, themes, and plugins.
While WP Engine’s alternative update system addresses some of the immediate security concerns, the situation still poses challenges. Agencies and developers managing numerous sites must now rely on WP Engine’s new tools instead of the WordPress.org update flow. The shift could also introduce compatibility issues or delays as WP Engine adjusts to operating its own update process.
For agencies and freelancers managing dozens of WordPress sites, the stakes are even higher. They will need to ensure that WP Engine’s update system functions as reliably as WordPress.org’s, all while maintaining customer trust and avoiding costly security lapses.
What Website Owners Should Do
If your site is hosted on WP Engine, now is the time to be proactive. Reach out to their support team and understand how their new update system works to ensure your site remains secure and up-to-date. WP Engine has emphasized that their alternative update system is designed to minimize any disruptions for customers.
Consider working closely with your web agency or developer to create a comprehensive maintenance plan. This should include manually checking for updates, testing the compatibility of WP Engine’s new tools, and ensuring that all security patches are applied as they become available.
Third-party tools like ManageWP or InfiniteWP can still help streamline updates across multiple sites. Additionally, ensure your backups are current, and consider implementing extra security measures through plugins like Wordfence or Sucuri.
What’s Next in This WordPress Dispute?
This conflict between Automattic and WP Engine is still unfolding, and many in the WordPress community are hoping for a quick resolution. However, this dispute reflects broader tensions over platform control and how managed hosting services are leveraging open-source software.
Should this standoff continue, WP Engine might face credibility issues in the WordPress ecosystem, leading some customers to migrate to other hosting providers with direct access to WordPress.org updates. At the same time, competitors in the managed WordPress hosting industry may seize this opportunity to position themselves as the more stable alternative.
This clash between platform control and the freedoms of open source is a key struggle within the tech world, and its outcome could reshape how hosting platforms approach WordPress. As this battle unfolds, website owners should prioritize security, stay alert to new developments, and keep their websites flexible and resilient.
As this drama unfolds, one thing is clear—website owners can’t afford to sit back and watch. It’s important to keep your site secure, stay current with updates, and be prepared for whatever comes next in this ongoing WordPress saga. At LOCOMOTIVE, you can rest assured that we’re staying on top of the situation and will keep our clients informed every step of the way, helping you implement strong maintenance plans to navigate this challenging time.