Are Wordpress Plugins GPL License? Can Anyone Use My Plugin Code

Yes, it's true, and no you can't really protect the plugin. Plenty of plugins have been sold and made their owners rich. If you're still concerned, you can always offer superior support which anyone stealing your code likely won't be able to provide.

See here for more info: WordPress GPL License Explained for Theme and Plugin Developers

I offer my floatlink plugin for $10 (free to warroom members) and have already found a "nulled" version on a black hat forum (it had my name removed from the php code, which wasn't visible to end users anyway).

It took me about 6 hours to develop where I wanted it, I've sold 24 copies, which means I more than paid for development and marketing, but it only took a month before free versions were available. However, Those free versions won't have easy access to updates, the 10% discount on all Nochek Solutions software, free general support and $5 integration, etc.

Sure, they can download my plugin for free somewhere, but the idea is to offer enough services and essentials to make it worth purchasing. No matter what, when you give someone software it is no longer yours, license be damned. It doesn't matter the encryption used, the language, the programmers skill, the licensing callbacks, etc. All that is fluff to work around, because you have given them the software.

Since anyone can view WordPress plugin source code you should consider using an encryption program to secure your PHP code, although there is no guarantee that this precaution will stop advanced users from cracking it to see the source code.

The best solution would be to host the files/service yourself and have users subscribe to the service. That's not really possible with WordPress plugins since they cannot contain third party links, but it would be possible if you moved this application to a standalone PHP script.

good luck!

Here is a interview with Matt Mullenweg himself speaking specifically on GPL.

All themes and plugins are GPL according to him.

Matt Mullenweg: WordPress and the GPL | WordPress.tv

Richard Wing
623-505-6302
skype - richardwing

These are great questions, and I also wrestled with them very recently in my first for-profit project. I come from spending the last 6 years firmly planted in project-by-project open source work where I bill per hour for taking high level requirements and turn them into working tools. I develop on an LGPL php framework, and none of my code is protected.

* Protecting code via obfuscation, bytecode protection, etc. is a waste of time. Not only is it exceedingly easy to de-obfuscate all of the lighter tools out there with basic knowledge, I personally think it invites people to try.

* Deeper forms of encryption like bytecode via IonCube or Zend Guard require special modules to be installed on every server the code needs to be run on. You might as well flip off 98% of your potential buyers.

* To have a problem with code piracy is a good problem to have - it means you have reach into the marketplace with something in-demand. Instead of treating those unlicensed users as cheats or criminals, turn it into an opportunity to build a loyal customer relationship. You may want to even once established consider putting a bounty on unlicensed software to attract these folks in for a legit product. My belief is this would only work if you have something more to offer on the back-end, like some level of priority support, upgrades that include not just fixes but new features, or something else of ongoing value.

* Leaving your code exposed will provide the seeds of community around your brands and products and services. Invite collaboration, don't forestall it.

* Fighting this battle is like whack-a-mole. We all remember that game, right? Another damn mole always pops up. The same is true. Better to have the mole promoting your product, submitting feedback/bug reports and loving your positive spirit of collaboration instead of wanting to prove to you they can hack your stuff.

Plenty of other good reasons too, but this is getting long-winded. HTH!

I take it as a given that whatever you produce will eventually be distributed legally or not. I don't really think about it too much. As someone said, offer the best support possible in a way only you can, because no one else knows the code as well as you do.

As far as I know there is no such thing as perfect protection and it is 100% guaranteed that anything you come out with will be shared for free whether you want it to be or not.

The best advice I heard on this is don't be a one shot deal. In other words don't focus your efforts on only one product, you do not have income security on only one product.

I researched the wordpress issue in regards to licensing. My understanding is that anything that connects to or is "plugged in" to wordpress and/or it's database must be licensed under GPL. Even if you create a script that connects to the wordpress database, totally bypassing the wordpress core files also must be licensed under the GPL.

Themes also must be under GPL but individual assetts like photographs, images, css etc... do not.

That however does not mean you can't sell your plugins or themes, just that they must be licensed under GPL when or if you do. If you don't like that then I guess from the creator of wordpress, don't develop for wordpress there are plenty of other CMS's out there.

Steve, I reread your post and I see what you are saying but that is not what Matt thinks, legally you maybe right but I am not sure that it has been tested in court yet. I just follow the guidelines so to speak of the intention and actual commentary Matt stated on this.