Skip to content

Automattic blocks WP Engine’s access to Wordpress servers

  • by
  • 3 min read

The drama in the WordPress community continues to unfold as Automattic has banned WP Engine from accessing WordPress servers and resources. WP Engine users also won’t receive any plugin updates, making all websites and users relying on the hosting service vulnerable to cyber attacks.

Automattic claims the move comes in response to WP Engine altering a core WordPress feature to its advantage and blocking the dashboard’s native news widget on any sites using the hosting service to prevent WordPress’ criticism of WP Engine from reaching its users. According to WordPress’ statement:

WP Engine wants to control your WordPress experience, they need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase. Their servers can no longer access our servers for free.

The block is the latest development in the ongoing conflict-turned-legal dispute between the two companies. Given how frequently security vulnerabilities are discovered within WordPress plugins and themes, blocking access to updates leaves WP Engine users in a precarious position. WordPress has also placed all responsibility for addressing security issues on WP Engine.

This is an image of wordpress 133293230d

While WordPress itself is free and open source, its plugin market has flourished over the years with both paid and free options. Paid WordPress plugins and service providers have built quite the business out of the platform, but WordPress feels it’s being taken advantage of, and the CEO of its parent company, Automattic, made it quite clear.

WP Engine had sent a cease-and-desist letter to Automattic after the latter’s CEO Matt Mullenweg publicly criticised the hosting provider for profiting off of the WordPress open-source project and not giving enough value back. Mullenweg went as far as calling WP Engine a “cancer to WordPress” during a public event.

Only a day after receiving WP Engine’s cease-and-desist letter, Automattic responded with its own, demanding compensation for WP Engine’s profits generated through the use of these trademarks and threatening legal action if the matter was not resolved.

In any case, a quick resolution to the situation remains unlikely. In the meantime, WP Engine users might start considering alternative hosting options, especially considering the risk they’ve been exposed to, just because two companies have decided to duke it out in the open.

In the News: India’s Enforcement Directorate busts $47.6M Fiewin app gaming scam

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

Illustration: jmiks | shutterstock

Armenian ransomware operator extradited to the US

This is an image of dark web hacker security

Cambodia arrests over 1,000 in cybersecurity raids

This is an image of amazon shopping 1

200 million Prime customers are vulnerable to scammers, says Amazon

Google's advanced protection program now covers chrome

Actively exploited Chrome zero-day gets patched

This is an image of pirate flag 2344562 1280

FBI seizes multiple video game piracy websites

This is an image of cyber security hacked breach

US debt settlement firm suffers data breach; 160,000 customers affected

>