plugins – How to Enfroce Domain Licensing Limits?


I know many plugin providers limit the number of activations to a certain number of domains but I am wondering how it is achieved and why it cannot be bypassed.

In the strictest of senses this is a violation of the GPL, the code itself is free and you can distribute it on all your sites. That’s not the same as the code functioning though. Nothing stops a customer getting auto-updates on one site then copying it themselves to their others, and this isn’t something you can protect against via code licenses as it’s a fundamental GPL freedom. Likewise with code modification.

In the standard licensing model, what stops a user from using the same license on unlimited domains?

Nothing, the user can edit the code and delete the licensing functions if they wish, they have the right to do so according to the GPL license.

Keep in mind that any code should be GPL compatible. If you disagree that’s your right but you may have to prove it in a court of law, and should consult appropriate legal advice. The main WP community holds that WP code should be GPL though and your disagreement may lead to boycotts, blackballing from WP events, and barring from the WP plugin directory and community efforts. As a software vendor this is a very high price to pay, especially if you want to attract large companies and agencies.

If my server is expected to verify which domain the request is coming from, can’t a user spoof the domain by changing a few lines of code in WordPress?

Not if your server sends its verification back via a webhook. This way the plugin never gets the confirmation code it needs back if it tries to spoof the domain, but this doesn’t really work anyway, and it’s not something a pirate would do. It’s much easier to change the code that checks with your server to always say “yes” without bothering to make the request, either by modifying your plugin/theme or via filters/proxies.

This is a cat and mouse game, and there is always a path to escalation. You will never defeat a determined pirate, no matter what licensing scheme you implement, no matter what code license you choose.

The only method people have figured out to reliably avoid these things is to implement their product as a subscription service and move some functionality into the cloud, and sue copycats for trademark and brand infringement.

Fundamentally, the value is not in the code you sell, but in the support services and continued updates that you as the seller/vendor provide.

S.O.S 2 months 2022-12-06T14:44:27-05:00 0 Answers 0 views 0

Leave an answer