WordPress. It's a name practically synonymous with blogging and, for many, the web itself. If you've been weighing your options for building a website, you've undoubtedly come across this Swiss Army knife of site-building tools. As the world's largest Content Management System (CMS), WordPress powers an estimated 43% of websites today. With tens of thousands of themes available to skin your site, and thousands of plugins to enhance functionality, its popularity and ease-of-use has made it the first pick for countless developers and hobbyists alike.
But recent events have cast doubt on WordPress's reliability. If you have been following the news, you may have heard about the controversy involving WordPress.org, WordPress.com, and WP Engine. Matt Mullenweg, the creator of WordPress and head of WordPress.org, recently blocked competitor WP Engine from accessing crucial updates and even seized one of their most popular plugins, citing security concerns.
These actions have raised concerns about how much control one individual should wield over a supposedly open-source platform. In this post, we’ll explore the security vulnerabilities that come with relying on WordPress, the risks of centralized control, and why a custom website could offer a more secure, flexible alternative. And of course, we’ll show you how Intellux can help you make the switch.
The WordPress Drama: What’s Happening and Why It Matters
The drama in the WordPress community unfolded slowly at first, then all at once. First, let's get up to speed with a bit of history about WordPress and how we got here.
Matt Mullenweg created WordPress when he was just 19, envisioning an open-source blogging platform that anyone could use, remix, and build upon—all for free. This open approach fueled WordPress’s rapid growth, but it didn't generate much revenue on its own.
To generate revenue, Matt created WordPress.com, which offers managed hosting of your WordPress site. If you haven't the time to setup a server and install WordPress yourself, WordPress.com will do the legwork for you (for a fee, of course). Meanwhile, WordPress.org became the nonprofit arm, home to the WordPress codebase, plugins, and themes. Unfortunately, the distinction between the commercial WordPress.com and nonprofit WordPress.org is often unclear.
Another company, WP Engine, leveraged WordPress's open-source foundation to offer similar hosting and customization. They make it simple to deploy and update your site without the need for in-depth technical knowledge. This has brought them a lot of money. With that success has come tension.
Mullenweg has taken issue with how little WP Engine has contributed to WordPress's development as a software. In a blog post authored on the WordPress.org site (the non-profit arm of the enterprise), Mullenweg touts that his company (Automattic) contributes over 3,500 man hours of work per week to the WordPress codebase, while WP Engine only contributes around 40 hours. In that same post, Matt calls WP Engine a cancer to WordPress, amongst other criticisms.
The rivalry escalated with cease-and-desist letters and WordPress.org temporarily blocking WP Engine’s access to plugins, affecting users' ability to install and update plugins—a critical aspect of site security. Public backlash led to access being restored, but Mullenweg soon took over a popular plugin maintained by WP Engine, citing security concerns.
So What Now?
If your site runs on WordPress or you’re considering using it, this incident reveals a critical issue: control. While WordPress is open-source, essential features like plugins and updates are still governed by WordPress.org. In times of conflict or policy shifts, users may find themselves stuck—unable to access important updates or maintain their site’s security.
This reliance on a single platform exposes businesses to risks beyond their control. A better solution? Custom-coded websites. With a custom site, you own the entire codebase, giving you full control over updates, functionality, and hosting.
Ready to Take Control of Your Website's Future?
At Intellux, we take great pride in crafting custom websites that are portable, extensible, and secure. That means our sites can be hosted anywhere and are not beholden to any ecosystem. No plugins to manage, no dependencies on warring ecosystems—just lightweight, secure websites built with HTML, CSS, and JavaScript.
Contact us today for a free consultation and discover how we can help you build a fully-featured and resilient online presence that's fully under your control.