The WordPress ecosystem is facing turbulence as a high-profile conflict between Automattic and WP Engine sparks widespread concern. The controversy centers on control and ownership, escalating to a lawsuit between Automattic—best known for WordPress.com and its significant influence on WordPress.org—and WP Engine—a WordPress hosting solution similar to WordPress.com and paid plugin maintainer for tools like WP Offload Media, Advanced Custom Fields, and WP Migrate.
For developers, marketers, and any organization with a website, this situation highlights the importance of understanding how these changes could affect their workflows, security, and platform stability.
To learn more about the issue at hand, Taoti’s Technical Lead Developer, Charles Leverington, and VP of Development, Justin Sykes, sat down with me, Taoti’s Social Media Manager, to help me better understand the implications of this dispute. Charles and Justin offered practical advice for navigating these challenges while ensuring your WordPress site remains secure, stable, and successful.
Q: The WordPress community is abuzz with concerns about the recent disputes between Automattic and WP Engine. Can you shed some light on what’s happening and why this matters to the average WordPress user?
Charles: Absolutely. At its core, the tension revolves around control and ownership within the WordPress ecosystem. Automattic, the company behind WordPress.com and a major influence on WordPress.org, has taken steps that many perceive as overreaching. Take, for instance, the recent situation with Advanced Custom Fields Pro, a plugin previously owned by WP Engine. Automattic released a renamed version of this popular tool—which allows users to easily add custom fields to their WordPress websites for greater flexibility—without a licensing agreement, essentially taking control of the code from Delicious Brains, a WP Engine subsidiary, and locking the maintainers out of their own plugin. A judge has since granted a temporary injunction allowing maintainers back into their code.
Q: That sounds concerning. What does this mean for developers and site owners who rely on tools like Advanced Custom Fields?
Justin: It’s definitely a situation to monitor. For developers who prefer stability, actions like these raise questions about Automattic’s intentions and whether similar moves could affect other plugins or services. Imagine relying on a specific plugin for your projects, only to have it suddenly change functionality without warning. This kind of instability can be really disruptive. However, it’s important to remember that the community around WordPress is strong and diverse, with many players committed to maintaining its open-source principles. Site owners should remain vigilant but not panic—there are safeguards and alternatives available.
Q: Some people are worried about potential security risks arising from these disputes. Is there a legitimate reason to be concerned?
Charles: Concerns are valid, but risks can be mitigated. Any time there’s a change in ownership or control of software, there’s potential for vulnerabilities to be introduced, either intentionally or not. This is why it’s crucial to have strong security measures in place. For instance, at Taoti Creative, we use a staged security process that ensures code integrity and guards against unauthorized changes or hijacking. Even in volatile situations like this, best practices in security—such as thorough code reviews, controlled updates, and proactive monitoring—can provide a high level of protection. WP Engine also acted quickly to mitigate risks on their own sites and recommend that all users update their plugins to the latest versions, which are more protected from plugin hijacking.
Q: With all this happening, is WordPress still a safe and reliable Content Management System for professional websites?
Justin: Absolutely. WordPress remains a powerful and versatile platform. But these disputes underscore the importance of choosing the right hosting and support partner. Organizations should prioritize hosting providers and agencies that understand the landscape and are proactive about mitigating risks. For instance, Taoti offers custom AWS hosting solutions with enhanced security features like CloudFlare CDN integration. This provides an extra layer of protection and performance optimization. Having a robust hosting strategy can insulate site owners from much of the fallout from these industry disputes.
Q: What would you say to site owners who are considering switching hosting providers because of these changes?
Charles: Switching providers is a personal decision, but it’s not something to rush into. If a client is unhappy with their current provider or wants to minimize exposure to these disputes, solutions like Taoti’s custom hosting on AWS can be a great option. It’s designed to be resilient to these kinds of ecosystem disruptions. Ultimately, the goal should be to find a provider who prioritizes your site’s stability and security, regardless of the larger WordPress landscape. Remember that there are many excellent hosting providers out there, including Automattic, WP Engine, AWS, Pantheon, Amazee, and more, each with its own strengths.
Q: Finally, how do you see the WordPress community evolving in light of these tensions?”
Justin: I think we’ll see more fragmentation, with developers and agencies increasingly looking at alternatives or creating forks of key tools to maintain independence. This could lead to more innovation and specialized solutions within the WordPress space. That said, WordPress’s flexibility and large user base mean it’s not going anywhere anytime soon. Agencies like Taoti will continue to play a key role by guiding our clients through these changes, ensuring their sites remain secure, stable, and successful.
Charles: The WordPress Community is still going strong and will be for many tomorrows. If anyone, developer or not, is interested in getting more involved in the WordPress Community, including helping it stay as a truly Open Source community, “The WP Community Collective”—a group of WordPress supporters working together since this instability started years ago—has been shifting some of the Core tooling to work a bit closer to Linux than it has in the past, making it more stable and predictable.
So while a little drama in the WordPress world might be concerning, it sounds like it’s nothing to be worried about for now, especially if your hosting partner is on top of it. But if they’re not, or you’re not sure, reach out to us here at Taoti Creative to find out how we can help.
