Mullenweg Takes Aim at Wix over GPL Abuses, Wix Response Fails to Address Licensing Issue

Over the weekend WordPress co-creator and Automattic CEO Matt Mullenweg called out Wix for copying GPL code from the WordPress mobile app and distributing it in its proprietary app. He identified two repositories that Wix forked in order to bring the GPL-licensed WordPress Rich Text Editor into its app.

“If I were being charitable, I’d say, ‘The app’s editor is based on the WordPress mobile app’s editor.’ Mullenweg said. “If I were being honest, I’d say that Wix copied WordPress without attribution, credit, or following the license.”

Even though the Wix app is made up of different modules and libraries, the GPL requires that the entire application be GPL-licensed since Wix is distributing the app with GPL code in it. Open sourcing the entire app’s code under the GPL is the only way to resolve the license violation, according to Mullenweg.

“Your app’s editor is built with stolen code, so your whole app is now in violation of the license,” Mullenwg said. Some took issue with use of the term “stolen code” in connection with public, open source repositories, but the effect is the same regardless of Wix’s intention. Wix distributed GPL code without respecting its license, putting new limitations on it instead of preserving its freedoms. That code was not legally available to be repurposed without following its license.

“You’d probably be in the clear if you had used just the original editor we started with (ZSSRichTextEditor, MIT licensed),” Automattic’s General Counsel Paul Sieminski commented on the issue. “Instead, Wix took our version of the editor which has 1000+ original commits on top of the original MIT editor, that took more than a year to write. We improved it. A lot. And Wix took those improvements, used them in their app but then stripped out all of the important rights that they’re not legally allowed to take away.”

Mullenweg called for Wix to release its entire mobile app under the GPL, as required by the license, and make the source code available so that others can build on it and learn from it.

“If you want to close the door on innovation, Wix, that’s your decision to make — just write your own code,” Mullenweg said. “If you’re going to join the open source community, play by the open source rules.”

Wix CEO Responds, Neglects to Address GPL Licensing Issues

Mullenweg’s open letter to Wix took the company by surprise. Wix CEO Avishai Abrahami responded the next day on the company’s blog with a tone that imposed an artificial sense of fraternity in order to make the original allegation appear to be an over reaction. “Wow, dude I did not even know we were fighting,” Abrahami said. He cited Wix’s manifold contributions to open source software on the company’s GitHub account and their admiration of WordPress’ commitment to giving back.

His artful deflection avoids the licensing issue completely and demonstrates a lack of understanding of the GPL:

Yes, we did use the WordPress open source library for a minor part of the application (that is the concept of open source right?), and everything we improved there or modified, we submitted back as open source, see here in this link – you should check it out, pretty cool way of using it on mobile native. I really think you guys can use it with your app (and it is open source, so you are welcome to use it for free). And, by the way, the part that we used was in fact developed by another and modified by you.

GPL compliance, however, requires more than a show of open source spirit. Abrahami did not address the requirement that the entire mobile app be released as GPL but offered a vague statement about sharing code.

“If you need source code that we have, and we have not yet released, then, most likely we will be happy to share, you only need to ask,” Abrahami said. It is still unclear as to whether his statement means the company will release the entire mobile app under the GPL or not. However, the company indicated on Twitter that they will release the app on GitHub.

The other option would be for the company to completely remove any GPL code from its app and use the original MIT-licensed library for the editor.

“The WordPress GPL Rich Text component in question, is actually a wrapper around another Rich Text component named ZSSRichTextEditor which is licensed MIT,” Wix lead engineer Tal Kol said in the article he published over the weekend. “In retrospect it would have been easier to use it directly.”

Using the original library would stop the current GPL infringement but does not erase the fact that the company has already violated the license by distributing the code.

Wix has not yet officially announced what it plans to do, but at the time of publishing the company continues to distribute GPL code inside its proprietary app.

Mullenweg Is Willing to Go to Court to Protect the GPL

According to the GPL FAQ, the copyright holders of the software have the power to enforce the GPL, as the license is a copyright license. Copyright holders are advised to inform developers of the GPL-covered software if they see a violation. With the GPLv2, the only way for license violators to receive back their rights after violation is to petition the copyright holder. Mullenweg has already identified a path to compliance for Wix.

Although many in the open source community are itching for a definitive court case involving the GPL, Mullenweg said his preferred outcome is to see Wix open source its mobile app.

“I would much rather they just release their app as GPL rather than have to get into a legal fight,” he replied to commenters on his blog.

When I asked if he is willing to take the matter to court if Wix does not comply, Mullenweg said, “We would of course go to court to protect the GPL.” He also said that if Wix decides to pursue the other avenue, “removing the library would fix it going forward, but not for things that already infringed.” Mullenweg could not say what Automattic will or won’t do in a legal context regarding the past infringement, as the situation is still developing.

This weekend’s debate between Mullenweg and Wix sparked discussions across social media platforms as well as blog post responses about how the the GPL affects the industry. It also shows how divisive the license can be even among open source software proponents. Mullenweg, who is known inside the WordPress community as a zealous defender of the GPL, has demonstrated a willingness to go to battle over violations of the license in the past.

Many in the WordPress and Wix communities took issue with the public handling of the matter, but ultimately the controversy is not a personal matter between Mullenweg and Wix. The proprietary mobile app distributes GPL code that was the work of many contributors. WordPress’ open source code was built from the hard work of people who were willing to give that time and energy because they believe in the project and the freedoms that its license guarantees. Wix’s disrespect of that license illegally co-opts those contributions for the company’s closed source app.

“My program will have liberty, or never be born.”

The GPL license is holistic in the sense that all parts of an application are connected – if one part bears the freedoms of the GPL, the entire app benefits from the GPL and must be therefore be open for all. The GPL is the reason WordPress exists and the reason why Mullenweg is so passionate about it. If b2/cafelog had not been GPL-licensed, Matt Mullenweg and Mike Little would not have been able to build on it.

One of the questions in the GNU GPL FAQ asks, “What if my school might want to make my program into its own proprietary software product?” This question addresses how many universities try to restrict the use of the knowledge and information they (and their students) develop, a problem that also exists in commercial businesses. The GNU recommendation for developers wanting to ensure their software is allowed to be GPL licensed is to raise the issue at the earliest possible stage for the most leverage:

So we recommend that you approach them when the program is only half-done, saying, ‘If you will agree to releasing this as free software, I will finish it.’ Don’t think of this as a bluff. To prevail, you must have the courage to say, ‘My program will have liberty, or never be born.’

This powerful sentiment is one that many GPL software contributors have adopted as a way of life. They contribute code on the basis that it will be passed on with all its freedoms. Taking GPL-licensed code and putting it in a proprietary app is an affront to their contributions.

Wix CEO Avishai Abrahami’s casual response identifies both parties as open source proponents who are working to make the web a better place. This response misses the mark because it fails to recognize WordPress’ 13-year history with the GPL and how deeply it has impacted the software’s trajectory and ability to make the web a better, more open place. This license and WordPress’ commitment to user freedoms has been the project’s true north from its inception.

When a project is given the GPL license, it makes that code and the license’s freedoms inseparable. Essentially, that code isn’t legally available to anyone without those freedoms in place. Regardless of whether Wix’s deflection of the issue is motivated by ignorance of the GPL or malicious intent, the company has to answer for its misuse of the software. The ball is now in Wix’s court – to comply with what the GPL license requires or take its own interpretation to court.

Learning From Buggy WordPress Wp-login Malware

Learning From Buggy WordPress Wp-login Malware

When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up the infection and look no further. Many go on to patch vulnerable software, change their passwords, and perform other post-hack steps. All of this is good, but hackers who follow through the sustainment phase of the attack also leave behind ways to easily reinfect the site.

After breaking into a website, hackers want to make sure they still have access if the original security hole is closed.

Continue reading Learning From Buggy WordPress Wp-login Malware at Sucuri Blog.

What Looks Amazing in WordPress 4.7 Beta 1

What Looks Amazing in WordPress 4.7 Beta 1 →

If you’ve been wanting to get your hands on WordPress 4.7, you can now get the Beta 1 version from The feature list is looking really spicy. Standouts include:

  1. REST API content endpoints. Really the headline—see our recent interview with Josh Pollock for details.
  2. The Twenty Seventeen Theme: very pretty and single-pagey.
  3. Custom CSS in the Customizer: make CSS changes and see them live.
  4. Video headers as an element of theme support. This should make it easier to have beautiful “hero” homepage videos as a theme element controlled through the Customizer, without the need for third-party plugins.
  5. All these features need tested, so grab the Beta version and enjoy!

A Beginner’s Guide to eCommerce A/B Testing in WordPress

Making changes to your eCommerce website design that aren’t backed up with real-world data isn’t an effective way of improving your conversion rates. You could hire a developer and have them make changes based on your guesses, but what if it doesn’t work and you end up losing customers?

A/B testing your website can help you arrive at a design that your visitors respond to in the best possible way. The best eCommerce sites understand that there’s always room for improvement, and regular testing plays a key role in paving your path to success.

In this post, we’ll show you how to test your eCommerce website, along with the plugins you’ll need – but first, let’s cover the basics of what A/B testing is and why you should be doing it.

What A/B Testing Is and Why It’s Important

A/B (or split) testing offers multiple versions of a page element to your website’s visitors to determine which one converts better. For instance, in an A/B test with two variants (A and B), half of your site’s visitors would see web page A and the other half would see web page B. The site that performs better, wins.

Testing multiple variants of your site gives you concrete results, enabling you to implement what works, and discard what doesn’t. In a nutshell, A/B testing enables users to optimize their site’s design and functionality for conversions.

Choosing Your Testing Metrics And Elements

The testing process itself is fairly easy to understand, and offers some definite benefits. However, leveraging it to its full potential involves monitoring metrics that will be invaluable to your site’s growth in the long run. From an eCommerce perspective, you should at least be tracking:

  • Cart abandonment rate. This indicates the visitors who added products to their carts, but didn’t make it through the checkout page.
  • Average order value. This determines how much profit you’re gaining per order on average. It enables you to figure out how much money you can make based on your site’s traffic and conversion rates.
  • Bounce rate. This indicates the number of visitors who visited your landing page, then left without interacting with the page.

Once you’ve laid down the metrics you’d like to monitor, you’ll need to figure out which page elements to test. There are a myriad of elements to choose from, but we recommend using common interactive points such as forms, your checkout page length and layout, your cart placement, and your call to action text and buttons.

Why You Should A/B Test Your eCommerce Website

A/B testing with a crystal clear strategy in mind is vital, but what’s even more important is to understand why you’re doing it in the first place. Here are three key reasons.

1. To See If The Design Works

A/B testing gives you rock-solid evidence of what works and what doesn’t. For example, take a checkout page with a form that requires the visitor to enter some personal details in order to complete their transaction. While it’s easy to read, visually appealing, and simple enough to follow, you find that sales aren’t improving, while your cart abandonment rate is rising – what went wrong?

With a split test, you can gain insight into user behavior to find out exactly why visitors are leaving. It could be the length of the form, or some confusing text. Whatever the problem, A/B testing helps you pinpoint where your design went wrong.

2. To Analyze How Well the Design Works

If a variation seems to work well, it’s important to determine its effectiveness. Split testing should be performed regularly, and measuring how well a particular implementation works helps you to improve what’s already there.

Of course, you can choose to measure your design’s impact against a single metric, or a combination. Some – such as cart abandonment rate, bounce rate, and average order value – are a great starting point. However, to take things to the next level, you can measure other key performance indicators such as the time spent on site, your affiliate performance rates, and query resolution times.

3. To Evaluate The Design

Finally, another benefit of A/B testing is that even if none of your ideas work out, the results will almost always help you understand why, and point you in the right direction. With A/B testing, the more design iterations you go through, the better. You’ll happen upon some new ideas each and every time.

Now you have a better understanding of what A/B testing is and why you should be doing it, let’s see how you can get started with it in WordPress.

A Beginner’s Guide to eCommerce A/B Testing in WordPress

In this section, we’ll lay out the six key steps you’ll need to follow in order to conduct quality eCommerce A/B testing. Once we’re done, you’ll be ready to take matters into your own hands. Let’s take a look!

Step 1: Choose A Suitable Plugin

Although there are several offsite A/B testing tools available, using a WordPress plugin to get the job done has its own benefits. For a start, you won’t have to connect to a third-party service or worry about integration. Here are three plugins we recommend:

  1. WordPress Calls to Action. This plugin enables you to create and test the conversion rates of the calls to action on your website. It’s a great option for users who are building landing pages.
  2. Nelio AB Testing. This plugin is incredibly easy to use and enables you to setup, manage, and monitor split tests. It also generates daily reports about test experiments and conversions.
  3. Title Experiments Free. The plugin helps you to split test your post’s titles to find out which ones lead to more page views. It can create variations for you and reports both impressions and page views.

While all of these solutions are suitable, if you’re looking for a complete A/B testing solution, we recommend the Nelio AB Testing plugin. It’s great for beginners and pros alike.

Step 2: Conduct Your Research

Once you’ve chosen a suitable plugin, you’ll need to figure out what you want to split test. If you’re reading this post, the chances are that you already have a few things in mind. That said, it’s always a good idea to conduct some research to find out even more.

You can start by studying your analytics to ascertain your visitor’s user behavior. This will help you determine why they’re not completing their transactions, abandoning their shopping carts, or whatever else you may be looking for. Another foolproof method of gaining insight into user behavior is to ask them directly for feedback – after all, who better to get insight from than your actual users?

Step 3: Define Your Goals

The next step in A/B testing is to define clear goals that you’d like to achieve. Setting goals enables you to validate whether the tests worked, and if so, their overall effectiveness.

You don’t need to be particularly specific when it comes to setting goals. For instance, it could simply be to “increase conversion rates” instead of “increase conversion rates by 35 percent” – and of course, the goals you set can be based on almost any metric you like.

Step 4: Select Your Testing Variables

As an eCommerce site owner, you’ve probably identified some page elements that you think could undergo testing. In this step, you’ll actually have to pick one to test. The element you choose should tick off some (or all) of these points:

  1. The design may be affecting user behavior negatively.
  2. Its placement may be off.
  3. The color scheme doesn’t fit in with the brand.
  4. Its wording may be off-putting.

Be mindful not to get too deep at this stage. Simply select one element that you’d like to test to act as your ‘test variable’.

Step 5: Develop Your Testing Variants

Now that you have the test variable, it’s time to create some variations. Since we’re split testing, simply create a duplicate of the web page you’d like to test, add the variable as is to one of them (we’ll call it web page A), and its variation to the other (web page B).

The testing tool you use will automatically redirect half of your site’s traffic to web page A, and the other half to web page B. Ideally, you should present the variation to new visitors in order to get accurate results – your chosen tool will normally have options for doing so in its admin panel.

Step 6: Run The Tests And Analyze The Results

With everything set in place, you can launch your first A/B test! Here are a few points to keep in mind:

  1. Make sure that you’re testing both web page A and web page B simultaneously.
  2. The only difference between web page A and web page B is the test variable.
  3. Any design update you make your pages throughout the duration of the test should be applied to both variants to maintain consistency.

Once the tests are in motion, you can start analyzing your user’s behavior. The testing tool you use should provide some insight into the test results; however, you can always check out your site’s analytics too.


Making modifications to your eCommerce website’s design at random and hoping for the best simply isn’t effective. With A/B testing you can make informed decisions regarding your website’s design, that are backed up with real data and experiments.

If you thought it was difficult to get started with split testing, think again! Let’s recap the process:

  1. Choose a suitable plugin.
  2. Conduct your research.
  3. Define your goals.
  4. Select your testing variables.
  5. Develop your testing variables.
  6. Run tests and analyze the results.

Do you have any questions about A/B testing your eCommerce site? Get in touch via the comments section below and let us know!

Image credit: anelka.

John Hughes

John is a blogging addict, WordPress fanatic, and a staff writer for WordCandy.

The post A Beginner’s Guide to eCommerce A/B Testing in WordPress appeared first on Torque.

Safe And Useful Code Snippets

The Code Snippets add-on is probably the most under appreciated feature in the ManageWP arsenal. If you know how to use it, there’s virtually no limit to the ways you can put it to good use. But, what if you’ve never used code snippets before? I’ve put together a list of basic code snippets that you can play with and get familiar with the add-on. They are read only and can’t harm your server or website in any way, so don’t be afraid to try them!



List Files

This snippet will list files in your root folder or if you set the folder path it would list files from a specific one.

echo `du -sch ./*`;
echo `ls -la ./wp-content/managewp/*`;

File Content

File content snippet will reveal an entire content of a specific file, you can easily change the path and the filename and you are done.

echo `cat ./wp-config.php`;

Time To Load Page

This snippet will print the loading time of the website’s home page.

$start = time();

// put a long operation in here

$diff = time() – $start;

print “This page needed $diff seconds to load :-)”;

Check File Size

You can easily check the size of any file on your server by running this snippet and all you need to do is to set the correct path and filename.

$filename = ‘EXAMPLE/EXAMPLE.JPG’;
echo $filename . ‘: ‘ . filesize($filename) . ‘ bytes’;

Check Free Space on Your Server

Very useful snippet that will save you a lot of time needed for logging into your cPanel since you don’t have to leave ManageWP to check the free space on your server.

$bytes = disk_free_space(“.”);
$si_prefix = array( ‘B’, ‘KB’, ‘MB’, ‘GB’, ‘TB’, ‘EB’, ‘ZB’, ‘YB’ );
$base = 1024;
$class = min((int)log($bytes , $base) , count($si_prefix) – 1);
echo $bytes . ‘<br />’;
echo sprintf(‘%1.2f’ , $bytes / pow($base,$class)) . ‘ ‘ . $si_prefix[$class] . ‘<br />’;

Check File Readability

By using this snippet, you will be able to see if the file on your server is readable or not.

if (is_readable($filename)) {
echo ‘The file is readable’;
} else {
echo ‘The file is not readable’;

Check Database Stats

This snippet will print out the Database statistics, just replace default values with the real ones.

$link = mysql_connect(‘HOST’, ‘USERNAME’, ‘PASSWORD’);
$status = explode(‘ ‘, mysql_stat($link));

Get Database Size

If you are using our Backup add-on, it might be redundant to use this snippet, but if you aren’t, you can check the database size by using this simple snippet.

$link = mysql_connect(‘host’, ‘username’, ‘password’);

$db_name = “your database name here”;
$tables = array();

mysql_select_db($db_name, $link);
$result = mysql_query(“SHOW TABLE STATUS”);

while($row = mysql_fetch_array($result)) {
/* We return the size in Kilobytes */
$total_size = ($row[ “Data_length” ] +
$row[ “Index_length” ]) / 1024;
$tables[$row[‘Name’]] = sprintf(“%.2f”, $total_size);


That’s It Folks!

Please note that we have selected only the snippets that can’t harm your server and you can try them out with the knowledge that nothing will go wrong. Hopefully these snippets will help you in your daily work tasks. These are just some of our suggestions, but we are sure you have plenty of cool snippets up your sleeves. Share them with us, and let’s make the public snippet library a ton richer!

The post Safe And Useful Code Snippets appeared first on ManageWP.

Apples TV’s Struggles

apple-tv.jpgJoseph Rosensteel has an outsider but savvy perspective on the updates and technology around Apple TV. Definitely a worthwhile read. I’ve experienced a lot of this frustration myself — I have a large library of things bought through iTunes, I like the interface of the Apple TV (though I liked the old one a little better), and Airplay is handy, so I want to love the Apple TV. The market is so bad right now that most review sites like Wirecutter recommend Roku, which for me came with a branded remote button for a service that is out of business (Rdio) and has an interface that feels DOS-like.


Doc Pop’s News Drop: WordPress 4.7 Beta and the WP REST API

Doc’s WordPress News Drop is a weekly report on the most pressing WordPress news. When the news drops, I will pick it up and deliver it right to you.

Doc Pop’s News Drop

The WordPress 4.7 beta is up now and includes lots of interesting new features, including REST API support, live CSS previews, and PDF thumbnails. You can download it here.

Love WordPress news, but hate reading? This is Doc Pop’s News Drop.

Last year we were all hyped up for the release of the WordPress REST API, a standardized way to allow WordPress powered sites to interact with other software services (like Slack,mobile apps, or anything else you want to build). But then things slowed down a bit and by Febr we were even wondering if the WP API had died a slow and painful death. But it’s back!

The REST API endpoints have officially been merged into WordPress 4.7 beta release that come out last week. No word on how that’s going so far, but if you are a developer, be sure to check around in 4.7 and give some feedback to the core team.

Speaking of 4.7, the new beta release and here are some of the new features

Custom CSS with live previews:
Get rid of your child themes and theme editors because 4.7 has live previews! You can see your changes as they happen so you’ll know if that new plugin will break your site or not.

PDF thumbnails:
Any PDF you update will come with a thumbnail. No more accidentally uploading a Gordon Ramsey recipe as your featured image on an article about cats. Before you upload, make sure it’s the right one or risk being laughed out of the media library for not knowing how to cook scrambled eggs.

There are many more features that we didn’t get to, but make sure that you check them all out.

The official release is set for Dec. 6, so if you have any feedback make sure to get it in before then.

That’s it for this week’s News Drop, be sure to check out for the lastest in wordpress news.
(Doc, aren’t you going to say something about Halloween?)
What? It’s Halloween? Shoot, I wish had known.

Doctor Popular is an artist and musician living in San Francisco. As a full disclaimer, he is neither a doctor nor popular.

The post Doc Pop’s News Drop: WordPress 4.7 Beta and the WP REST API appeared first on Torque.

WordPress and Google Accelerated Mobile Pages (AMP): Everything You Need to Know

If there’s one thing I’ve learned from the Internet, it’s this:
People want things fast.
They want Amazon to deliver packages in under 2 seconds. They want to binge watch entire TV shows the second they get released. And they definitely want sites to load rocket fast.
30% of users want websites to load in

The post WordPress and Google Accelerated Mobile Pages (AMP): Everything You Need to Know appeared first on WPLift.