Skip to content

Automattic blocks WP Engine’s access to Wordpress servers

  • by
  • 3 min read

The drama in the WordPress community continues to unfold as Automattic has banned WP Engine from accessing WordPress servers and resources. WP Engine users also won’t receive any plugin updates, making all websites and users relying on the hosting service vulnerable to cyber attacks.

Automattic claims the move comes in response to WP Engine altering a core WordPress feature to its advantage and blocking the dashboard’s native news widget on any sites using the hosting service to prevent WordPress’ criticism of WP Engine from reaching its users. According to WordPress’ statement:

WP Engine wants to control your WordPress experience, they need to run their own user login system, update servers, plugin directory, theme directory, pattern directory, block directory, translations, photo directory, job board, meetups, conferences, bug tracker, forums, Slack, Ping-o-matic, and showcase. Their servers can no longer access our servers for free.

The block is the latest development in the ongoing conflict-turned-legal dispute between the two companies. Given how frequently security vulnerabilities are discovered within WordPress plugins and themes, blocking access to updates leaves WP Engine users in a precarious position. WordPress has also placed all responsibility for addressing security issues on WP Engine.

This is an image of wordpress 133293230d

While WordPress itself is free and open source, its plugin market has flourished over the years with both paid and free options. Paid WordPress plugins and service providers have built quite the business out of the platform, but WordPress feels it’s being taken advantage of, and the CEO of its parent company, Automattic, made it quite clear.

WP Engine had sent a cease-and-desist letter to Automattic after the latter’s CEO Matt Mullenweg publicly criticised the hosting provider for profiting off of the WordPress open-source project and not giving enough value back. Mullenweg went as far as calling WP Engine a “cancer to WordPress” during a public event.

Only a day after receiving WP Engine’s cease-and-desist letter, Automattic responded with its own, demanding compensation for WP Engine’s profits generated through the use of these trademarks and threatening legal action if the matter was not resolved.

In any case, a quick resolution to the situation remains unlikely. In the meantime, WP Engine users might start considering alternative hosting options, especially considering the risk they’ve been exposed to, just because two companies have decided to duke it out in the open.

In the News: India’s Enforcement Directorate busts $47.6M Fiewin app gaming scam

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of dark web hacker security

Apple and Android app stores found offering spyware

This is an image of whatsapp featured 11

US House of Representatives bans Meta-owned WhatsApp on official devices

Illustration: jmiks | shutterstock

Ransomware group now lets you call a lawyer

This is an image of data breach cyber security 239847238978

Oxford City Council data breach leaks two decades of data

This is an image of facebook featured

Meta plans to introduce full passkey support for Facebook on mobile

This is an image of cloudflare featured office san fran 1

Cloudflare blocks record-breaking DDoS attack

>