Mustafa Uysal


Ethical principles for WP devs

I’m so tired of seeing shady marketing techniques around WordPress plugins. I’m writing this post about plugins particularly but the same thing applies to themes too.

Admin Notices

admin_notices is the most abused hook in WordPress history.

Best practice:

  • make them dismissible, as long as dismissing won’t break the website.
  • use it only when a user “must” take an action, e.g. “enter the damn credentials for payment plugin”
  • use plugin’s own page to promote/upsell premium version of your plugin

Worst practice:

  • show them to upsell your product
  • make them permanent. Even worse: bringing it back once a week after a user clicks “dismiss”.
  • pop up an input. Why don’t you get a user email to subscribe to your damn email list?

Affiliate Links

Developer guideline section 12 prohibits public-facing affiliate links.

You might want to get some commissions through your WP plugin. Let’s say you are building a 3rd party integration plugin and doing it for free. In that case, you can add links to the setup instructions and I think it’s totally ok. (better to have a disclaimer in place for sure)

But if you are building a premium WP product, I’m no longer your user. You turned me into a customer and I want to be treated as a customer. Don’t be fuckin greedy to get commissions on your customer.

You understood “Decisions, not Options” wrong!

One of my favorite things behind WP is that philosophy: Decisions, not Options.

I want to give an example of this. Imagine a WP plugin showing a custom textbox area for entering “<script>” tag(s). What would you expect to see there on a multisite setup as a regular site admin?

Thankfully, the input is sanitized properly when you try to inject some scripts. However, it doesn’t make any sense to show a “script” input to users who don’t have the unfiltered_html capability.

I faced this problem with one of the famous “premium” plugins and reached out to their support. I already knew there was no filter/action that I could use to override the default behavior, but I still acted like a noob user and kept their support line busy.

And the answers:

The features of our plugin cannot be removed or hidden since this will apply to all users using our plugin.

Not sure if they ever heard of something called “Plugin API” 🤷‍♂️

I do believe that good plugins follow the core philosophy and give developers flexibility through the Plugin API.
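Here is one way the script textbox above could behave, as an added example that is not the code of the plugin in question: the field is rendered and saved only for users with unfiltered_html (on multisite, only super admins have it), and a filter lets a site owner switch it off. The "acme" plugin, every acme_* name and the option key are hypothetical.

```php
<?php
// Hypothetical plugin "acme": all acme_* names and the option key are assumptions.

// Single decision point: may this user see and edit the script field?
function acme_user_can_edit_scripts( $user_id = 0 ) {
    $user_id = $user_id ? (int) $user_id : get_current_user_id();
    $allowed = user_can( $user_id, 'unfiltered_html' );

    // Plugin API hook. It is ANDed with the capability check, so a filter
    // can only narrow access, never grant it to a user without the capability.
    return $allowed && (bool) apply_filters( 'acme_user_can_edit_scripts', true, $user_id );
}

// Render the textarea only for users who pass the check.
function acme_render_scripts_field() {
    if ( ! acme_user_can_edit_scripts() ) {
        return; // Nothing is shown to users who could never save a script.
    }
    printf(
        '<textarea name="acme_custom_scripts" rows="6" class="large-text code">%s</textarea>',
        esc_textarea( (string) get_option( 'acme_custom_scripts', '' ) )
    );
}

// Enforce the same rule on save: hiding the field alone is not access control.
function acme_sanitize_scripts( $value ) {
    if ( ! acme_user_can_edit_scripts() ) {
        return get_option( 'acme_custom_scripts', '' ); // keep the stored value
    }
    return (string) $value; // user holds unfiltered_html: stored as entered
}

add_action( 'admin_init', function () {
    register_setting( 'acme_settings', 'acme_custom_scripts', array(
        'type'              => 'string',
        'sanitize_callback' => 'acme_sanitize_scripts',
    ) );
    add_settings_section( 'acme_main', 'Acme', '__return_false', 'acme' );
    add_settings_field( 'acme_custom_scripts', 'Custom scripts',
        'acme_render_scripts_field', 'acme', 'acme_main' );
} );

// A site owner can then disable the feature from a site-specific plugin:
// add_filter( 'acme_user_can_edit_scripts', '__return_false' );
```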


If your plugin is sharing information with 3rd parties, at least give me a heads up! I’m not a lawyer and I’m not digging into this topic but you can’t just think about your customer, you have to think about the website users too.

Downgrade functionality by checking license

Think about this: your website is running the same code under the same circumstances, and somehow a piece of functionality just stops.

In this particular case, I want to dig into the “functionality” definition.

First case: let’s say you are providing an Image Optimization service, and you just want to block users once their license has expired. This way the user can carry on with un-optimized images, and nobody gets hurt. (just a fallback, don’t break the media library) (Akismet is also a good example, it just stops spam protection if your API key has expired)

Second case: I’m building a payment form plugin, and once your license has expired, you can’t take payments as you used to. 😈

Third case: I’m building a “page builder” plugin. I don’t have to check the license, but I do check it every time you want to use it, and my code prevents everything unless you enter a valid key. 😈

If you think these are the made-up scenarios;

What is next? Injecting a cryptocurrency miner and slowing down their website once people forget to pay for a subscription?

IMO, the best practice: don’t block functionality that has already shipped with the plugin. Just cut off auto-updates and your support. Simple as that!

It’s ok to charge your customers

There is nothing wrong with charging your customers for the solutions that you have built. Making a good-quality product takes time and effort. Just play by the rules. The rules can be subjective, and everybody might have different opinions about ethics, best practices, worst practices etc…

My 2021 resolution: learn “marketing” deeply. Perhaps I will find myself doing the same things that I’m against today, who knows…
