You may have heard of the GPL (often referred to as WordPress’ Bill of Rights), but chances are that you don’t fully understand it. And with good reason—it’s a complex topic to tackle, and your time is no doubt better spent making a living than studying product licensing.
However, if you use WordPress, the GPL should matter to you, and you should understand it. Why? Because the GPL defines how WordPress is utilized—by users and developers alike.
With the above in mind, this concise guide will reveal everything that you need to know about GPL licensing as it relates to WordPress, with not a single reference to legalese or unnecessarily complex language. Once you’re finished reading, you will know what the GPL is, why WordPress is licensed accordingly, how the GPL benefits both end users and WordPress developers, and ultimately, why WordPress ‘derivative’ works (i.e. themes and plugins) should (if not must) be licensed under the GPL.
The GNU General Public Licence Explained
Start by Knowing Your Goals
The GNU General Public License (hereinafter referred to as ‘the GPL’) was created by computer programmer Richard Stallman as a rebellious reaction to the enormous growth of proprietary software. It was named the ‘GNU’ GPL, as it was initially used by Stallman to license the GNU operating system.
The GPL is a free software license. Contrary to popular understanding, the use of the word “free” within “free software” refers not to price, but (by Stallman’s definition) to the user’s freedom to utilize, modify and distribute the software (and any derivative works).
The GPL is best summarized by the four freedoms associated with the “free software” movement:
- The freedom to run the program for any purpose.
- The freedom to study how the program works, and change it to make it do what you wish.
- The freedom to redistribute copies so you can help your neighbor.
- The freedom to improve the program, and release your improvements (and modified versions in general) to the public, so that the whole community benefits.
In other words, the GPL is the antithesis to proprietary software—the likes of Windows or iOS. It empowers the end user and doesn’t necessarily work in the best interests of the developer.
However, as we will discover, it certainly does work for WordPress developers (if not perhaps by design).
Why WordPress Is Licensed under the GPL
WordPress is what it is because of the GPL. The world’s most popular content management system has benefitted from the input of literally thousands of people, from its inception and through to present day, in such a way that simply isn’t possible with proprietary software.
In fact, WordPress never would have existed without the concept of free software —it was originally a fork of b2/cafelog, which was ‘free software’ itself.
The co-founder of WordPress, Matt Mullenweg, is arguably one of the world’s leading voices on ‘free software’. He established WordPress.com with clear mission: to “democratize publishing”. The tenets of GPL mean a great deal to him (as you will discover).
Why You Might Like the GPL
As an end user, there’s a lot to like about the GPL from an ‘ethical’ standpoint. You only need to read Stallman’s impassioned prose on the subject of software ‘ownership’ to understand just how empowering the GPL is for software users:
[Proprietary software] meant that the first step in using a computer was to promise not to help your neighbor. A cooperating community was forbidden. The rule made by the owners of proprietary software was, “If you share with your neighbor, you are a pirate. If you want any changes, beg us to make them.”
The idea that the proprietary software social system—the system that says you are not allowed to share or change software—is antisocial, that it is unethical, that it is simply wrong, may come as a surprise to some readers. But what else could we say about a system based on dividing the public and keeping users helpless?
In a world that is becoming increasingly accessible (for better or worse), the GPL stands for true transparency in software development.
The Power of Community
It’s not just transparency that makes the GPL so powerful. Chris Lema put it best in his article on GPL WordPress themes and plugins:
One might reasonably argue that WordPress’ GPL licensing has been a primary catalyst of its exponential growth. The size of its community, along with its popularity, is unparalleled. It has its GPL status to thank for that.
Peace of Mind
From a more practical perspective, the GPL gives WordPress end users peace of mind. Not only is WordPress free (in both senses of the word), but all trademarks relating to WordPress are owned by the WordPress Foundation — a charitable organization formed with the sole aim of “ensur[ing] free access, in perpetuity, to the software projects we support”. In other words, WordPress always has, and always will be, freely available to us in all of the ways we are used to.
Why You Might Not Like the GPL
There’s no reason to dislike the GPL from an end user’s point of view. It’s gloriously empowering.
However, the main reason your typical WordPress entrepreneur might have a negative knee-jerk reaction to a fuller understanding of the GPL is what it means from a commercial point of view. After all, if the GPL affords the “freedom to utilize, modify and distribute the software (and any ‘derivative’ works)”, what does that mean for premium WordPress themes and plugins, which one might reasonably assume to be ‘derivative’ of WordPress?
In theory, WordPress’ GPL licensing means two things for those who seek to create ‘derivative’ products:
- Anyone is free to utilize, modify and distribute your products without restriction.
- The only value you can offer is premium support and automatic updates.
However, it’s not that simple. In reality, the GPL ‘works’ for WordPress developers too.
The Legal Power of the GPL
But before we get onto that, let’s the GPL’s power from a legal perspective. As of this writing, GPL licensing is largely unproven in the courts. In practical terms, that means two things:
1. There is a Lack of Absolute Clarity on What ‘Derivative Works’ Means
It’s not crystal clear whether themes and plugins are legally considered ‘derivative’ works (which would determine whether or not they should be GPL compliant).
However, you’ll find plenty of people ready and willing to disagree with that assertion. Mullenweg went so far as to consult the Software Freedom Law Center for their legal opinion.
Their conclusion (as summarized by Mullenweg) seems absolute: “PHP in WordPress themes must be GPL, artwork and CSS may be but are not required.”
Tomaž Zaman adopts an equally strong point of view in his Codeable article on WordPress and the GPL:
It all seems rather compelling, but most importantly, none of this has been proven in a court of law. There is no legal precedent, and as such, any claim to certainty cannot in fact be certain. Legal certainty is attained through legal precedent—something that the GPL license lacks when it comes to this particular topic.
2. Reduced Risk of Legal Action
One could argue that a lack of legal precedence demonstrates that non-compliance is unlikely to result in legal action. Brian Krogsgard explains it well:
While it’s easy to argue the above, to put yourself in the line of fire (so to speak) is something else altogether! We personally wouldn’t advise you to flout the GPL on the assumption that a lack of legal precedence is some sort of ‘protection.’
All this leads to a simple conclusion: Legally speaking, the jury is (quite literally) still out on the GPL’s influence on WordPress themes and plugins.
Having said that, while it’s important to mention the legal aspects of the GPL, that’s not what matters truly from a practical point of view.
How the GPL Works in Favor of WordPress End Users and Developers
As a WordPress entrepreneur, it’s easy to fear what the GPL might mean for your business, but there’s far more value in observing its effects in reality.
History has demonstrated that the WordPress community simply doesn’t work as a cynic might expect it to, for three key reasons:
Most people are inherently honest. For every person who is happy to ‘steal’ products (even though doing so is impossible under GPL licensing), there are plenty more who are happy to pay for something that’s for sale – even if they can get it for free.
Many people don’t understand the GPL. It takes a certain level of savviness to (a) understand that something is freely available, and (b) know how to obtain it for free. If a plugin is advertised as such ‘premium’, the average user isn’t going to download it from Github if it is available there—they’ll get it from the most obvious source.
There’s added value in ‘buying’ premium GPL products. While a GPL premium plugin might be ‘freely’ available, it is completely acceptable to ‘sell’ associated services that the end user might consider highly useful, such as support and automatic updates. You will find that many modern premium themes and plugin developers—although not overtly promoting their products as being available free of charge under the GPL license—sell using this model.
We highly recommend you to read this related article on the topic: Why You Should Stop Using Nulled WordPress Plugins and Themes
All of the above means that as a developer, you benefit from all of the good things about the GPL (ethical do-goodery, community spirit and power), but don’t suffer any potentially feared negative side effects.
Then there’s the even better news for client-facing WordPress developers: the GPL doesn’t affect non-distributed work—which includes custom work that you do for a single client. If you’re doing this kind of work, you don’t have to worry about GPL compliance.
Other Reasons Why You Should Adopt the GPL License
You Will Align Yourself With Key Influencers
While the majority of WordPress users haven’t even heard of the GPL, it is extremely important to all of the key influencers within the WordPress community—the best example being none other than Matt Mullenweg, the co-founder of WordPress and the CEO of Automattic.
He is truly passionate about GPL and is not afraid to protect it accordingly. Examples abound, most recently (and publicly) with the Automattic vs. Thesis saga.
By adopting the GPL license, you are adopting the same ethical and philosophical standpoint as some of the most important people within the WordPress community. Since WordPress is all about community, one would consider doing so a wise move.
You Can Gain Greater Exposure
The WordPress.org theme and plugin repositories are extraordinary resources for end users, and extraordinary marketing tools for developers. Any developer has the opportunity to upload their themes and/or plugins at no cost and have them exposed to the WordPress community. There’s just one catch: “Your plugin [or theme] must be compatible with the GNU General Public License v2, or any later version.”
Quite simply, when it comes to free theme and plugin developers: no GPL, no exposure on WordPress.org.
It’s the ‘Right’ Thing To Do
GPL licensing can be thought of from a more practical perspective: Without WordPress, your plugin or theme wouldn’t exist, nor would it be able to take advantage of such a huge platform for adaption and exposure. Therefore, while adopting the GPL isn’t unquestionably necessary, all other things being equal, it’s the ‘right’ thing to do.
Now you know everything you need to know about WordPress and the GPL. You understand why it is important to you as an end user, and you understand how ultimately it benefits you to adopt it as a developer.
One might reasonably argue that the only way that the GPL could damage you is if you refuse to adopt it; not because of the licensing itself, but because of the limitations it places on you, the fallout within the community, and the enemies you may attract.
That aside, there’s a lot to love about the GPL from an ethical point of view. WordPress’ chosen license demonstrates that it is possible to create and distribute software in an entirely transparent fashion, while reaping the benefits of community, and making some money along the way. Isn’t that a win for everyone?
My shared expereince GPLguru.com
About the gplguru.com server => After checking scamadvisor, i realized he shares a server with some real shi*ty websites…
Server is in USA but author is in reality in india.
Downloads are not unlimited, you can download ONLY 20 files per day…
About the themes and plugins on gplguru.com, that are claimed to be 100% legit / 100% untouched / 100% unmodified as advertised on the website and its FAQ.
– Wp Rocket = Nulled version (expiration date : 10 january 1970, piece of code in options.php has been removed and replaced to null it > line 488)
– WP Fastest Cache Premium = different md5 than my official + not the same number of files. So modified/altered, probably malware inside. I compared the same version of course.
– Thrive comments = different md5 than my original one. I compared the same version of course.
– I checked 3 plugins on virustotal (random) among those i had downloaded, 2 of them are reported infected by a webshell malicious code. I don’t remember the plugins tested unfortunately.
I stopped my tests there, the very first plugin i tried was wp rocket and it was nulled, so i knew the first seconds that the site was a scam and providing modified plugins, at least for some of them.
Don’t even know if a true 100% untouched / unmodified GPL plugins exist out there that would allow to use plugins on a live site with no risks. That would be easier to check if GPL plugins authors would share their md5 in order to compare with the one one can download on this kind of websites, but no dev seems to share that.
I asked for a refund – due to modified files – through contact on gplguru website bu no answer. I created a dispute on paypal asking for a refund but no answer. I took the next step and i’ve been refunded.
FAQ claim no refund can be granted but don’t believe that, fill a complaint on paypal, the law (at least in europe) forces a seller to refund you if its within the first 14 days at least even for digital products. And do’nt forget that you don’t buy a downloadable product you buy a subscription that allow you to download.
So GPLguru.com = Scam + liar
Thanks for commenting. Normally we wouldn’t approve comments such as this, but we decided it’s important for this serve as a warning to others. We recommend staying away from any GPL club member sites.
1. They don’t support developers and are harmful to the WordPress community as a whole.
2. They provide out of date or modified files as you have also mentioned above.
3. You don’t get support. Which for a lot of people is needed at some point or another.
Unfortunately, these sites ride the line between what is actually legal and moral (good for the community).
I buy most of plugins what i use to create my website, like Elementor Pro and them OceanWP and i’m happy to pay for them because the content worth that money.
But a lot of plugins give you limited possibility, sometimes is lack of the small option what you desire (and other are duplicated with another owned or free plugin’s) and by that the whole plugin going to be worthless for me. So i go to refund policy and wait for money. So as faster way i start “trying” plugins using gpldl.com. I found no viruses there but i don’t check md5.
I check on gpldl.com and there is Elementor PRO plugin so i try found GPL licence file in my original bought plugin… and there is no GPL licence inside. Its that legal? Its Elementor Pro under GPL licence, so why there is no GPL licence file?
Why the licence file in my Elementor PRO say: “…You are prohibited from distributing the applicable source code, and you are prohibited from allowing any third party to make any use from it…” Its only exemple.
If that true and all plugins for WordPress are under the same GPL, then all developers know that when they start working. So why they are angry about club sites, they know that some one may take there work and resell it for more people.
So who lie here? gpldl.com about GPL or developer’s with restrictions in GPL licence?
PS. I know that hard work need to be reward… but i feel bad when i need to pay 49-69$ for plugin that disable some payment method after user chose delivery method (after study a lot of plugins (that take me few hours), i found and use free code solutions found in some website.
Unfortunately many plugin developers ride the line too. Many are working in the black market and do not provide any business details, not to say a true official name.
Yes, if a plugin developer isn’t providing business or contact details we would definitely recommend staying away from them. There are many great developers out there who are transparent about their business and products. Those are the ones we should help support.
The problem with wordpress plugins is their business model. Except codecanyon, wordpress plugins developpers sell you a “1 year only updates” which i find unacceptable. I’m ok to pay for support IF i need it, but all plugins should provided lifetime updates as the core of their business model and should base their prices on the presence of lack of support.
The only acceptable business model for a plugin and the only one that should exists is what does codecanyon :
– Plugin + lifetime updates + 6 months support support = XX$
– Support renewal only = XX$ (with discount if you renew each year)
Except if you already have a successful website, buying all the plugins you need and their renewal fees is not possible for 99% of clients.
Personnaly 95% of the time i don’t need/don’t use plugins support, why should i have to pay for it especially when that’s more or less what i buy when i buy an under GPL license plugin? I’ll be happily buying ALL my premium plugins if price was 1) reasonable price (some plugins and their hundreds of addons are just a joke of business model) 2) provide lifetime updates like on codecanyon (unfortunately, not all the best premium plugins are on codecanyon).
I buy all my codecanyon plugin, because they provide lifetime free updates, i now use GPL repository for all dev that don’t adopt that business model, sorry.
I think that’s plugins developpers (by the business model they’ve chosen) that are responsible for the birth of these GPL websites. I’m not gonna cry on developpers trying to milk customers with annual renewal fees to obtain plugin updates and even less on the developpers trying to sells dozens of addons for their main plugins (and with the same business model!)
Where did those gpl clubs get gpl files? There must be a source they can get it
Hey Phuong! Many GPL clubs simply buy one copy of the premium plugin or theme and then re-sell it multiple times. But we never encourage going down this route as you don’t get support from the developer and security updates could be lacking.
I wanted to buy WPForms for my website but I need you to have the option to use Stripe. I’m not going to get a lot of money for that channel, but I’d like to offer it to a potential customer.
Surprise. The license for 1 site ($39 per year) does not have the Stripe option. Ok, let’s see the second option, valid for 3 sites ($99 per year). No! No Stripe. Try the next option. In this case ¡yes! ¡offer Stripe! ¡for 199$ per year! Really? Unlimited sites? I only need it for a site with all the options!
And every day showing an announcement that the offer ends in 3 days and every 3 days the offer restarts again.
Really, WPForms and the multi-million dollar company that owns it has made me rethink paying some developers.
I want to pay for work and ethical offers!
Hey Brian, thank you for this article. It really helped me understand what GPL is. I am quite new to the world of wordpress, plugins etc.
Just got an offer in my email for a whole bunch of premium themes and plugins (think yeos premium, thrive, woocommerce and so much more, 1000+ in total) for 23 USD! Really really tantalizing..Which then got me searching for what is going on. Not sure if I should take that offer, since they promise to post updates. Thanks again! A lot of reading to do.
Hey Anwar! Yes, the real problem is that you won’t be helping to support the developers that work really hard to make these plugins. Also, you don’t get support. Many GPL clubs promise to release updates but then stop, leaving you without important security updates.
I agree if you intend to use premium themes and plugins for WordPress site, especially if you are a web designer, you should support the author and buy directly from them. Saying that many plugins are really overpriced (for example WooCommerce extensions), and many plugins don’t have proper documentation or demo so you might buy and end up not using it. For that reason, I download all the plugins I use on wordpressliga.com for testing purposes. If the plugins do what I need, I will buy from the original author
I would like to know If the following is something possible.
Let’s say I start a website (on a tight budget) that requires multiple expensive plugins, but I’m not sure if all plugins will integrate well and meet my needs, so I decide to start with GPL plugins. After some trial and error, the website is fully functional and I want to switch to “Legit” licenses by buying them at full price to get updates, support, etc.
Is it just a matter of adding the bought license keys to the plugins or do I have to set up everything all over again?
So where do we find official GPL files of a theme and plugin? Is there any official page or link where we can find it? Because I don’t trust these GPL clubs.
We always recommend supporting developers. This means purchasing the plugin or theme from the developer or downloading it from the WordPress repository.
This article neglects to mention copyrightlaw. The GPL software creator does not give away the copyright with the license. For this reason, a developer could sue a website that uses a theme or plugin. The developer can order the website to stop using GPL software or pay, and the website must comply or face further legal challenges. Google lost billions of dollars for what it claimed was fair use of the Java GPL libraries. GPL software developers in the website level are much less likely to gain such huge sums, but it would definitely be possible to go after large websites if they infringe copyright in this way.
Can I remove copyright text on gpl licensed themes?
Watch Out & Beware of ‘Free’ GPL Plugins! – I can guarantee that plugins from gplforest have got malware embedded into them. Unless you really, really know what you are doing you should only deal with the original provider of a plugin from a reliable source.
thank you for everything good job. have a great days :)