Automattic Launches WP Engine Tracker, Raises Privacy Concerns and Stirs Controversy

“Is Automattic monitoring your hosting switch?” This question has taken the WordPress community by storm following Automattic’s introduction of its latest tool—the ‘WP Engine Tracker.’

This tool, which was designed to monitor websites migrating away from WP Engine, has sparked a heated debate over data ethics and user privacy. Critics argue that Automattic is crossing a line by tracking users’ hosting decisions without their consent.

As of now, the WP Engine Tracker displays data showing that over 25,470 domains have already migrated from WP Engine to other hosting providers. These figures reflect the numbers at the time of writing and highlight the scale of the exodus being tracked in real-time.

Meanwhile, the WP Engine Tracker’s single-page website features offers from other hosting providers, encouraging users to migrate away from WP Engine. These promotions are also shared on X and via Automattic’s blog, further amplifying the campaign. 

Additionally, the site displays statistics showing how many websites each competing provider has gained through these migrations.

Amidst all this, the legal battle between Mullenweg, Automattic, and WP Engine continues to escalate. Just a few days back, Automattic moved to dismiss key claims in WP Engine’s lawsuit and filed a request to block WP Engine’s bid to regain access to WordPress.org.

To understand why Automattic’s latest tool has caused such a stir, it’s essential to revisit the events that led to its launch in the first place.

The Story Behind WP Engine Tracker

Automattic’s launch of the “WP Engine Tracker” marks a new chapter in an ongoing conflict that has captured the attention of the WordPress community. 

The tension between Automattic and WP Engine came to a head in mid-September 2024 when Automattic’s CEO, Matt Mullenweg, publicly criticized WP Engine’s practices. This sparked a series of heated exchanges, escalating into a full-scale public dispute.

In response to the growing conflict, Automattic introduced the WP Engine Tracker. Initially designed to track migration patterns, the tool’s real-time updates and continuously refreshed data have only intensified the rivalry. 

To give you a clearer picture, here’s a screenshot of the “Activity Log Today” feature, which shows real-time updates of these migrations.

The latest update to WP Engine Tracker is just one part of its ongoing evolution. The site initially had a basic design with a black background, resembling something hastily put together. However, Automattic quickly overhauled the design, adding a blue color scheme and new functionalities.

A key update was the addition of the Recently Moved feature, which highlights domains that recently migrated away from WP Engine.

Another notable addition was the Top Destinations graphic, which displays the most popular hosting destinations for migrating domains. 

For a more detailed breakdown of these events and their implications for WordPress users, visit WPLift’s in-depth analysis of the Automattic-WP Engine conflict.

Automattic Defends WP Engine Tracker: What’s Their Stance?

Before the launch of the WP Engine Tracker, TechCrunch reported that Matt Mullenweg hinted at more trouble ahead for WP Engine, predicting significant customer losses. He was quoted saying:

“They are losing a lot of customers, so we’ll see what happens. Like I said, we’re at war with them. We’re either going to go brick by brick and — us and other companies — take every single one of their customers.”

Mullenweg further claimed that WP Engine could lose more than 8% of its business in the coming weeks. This figure coincides with his earlier demand for WP Engine to pay 8% of its revenue as a licensing fee for the WordPress trademark.

In defense of the WP Engine Tracker, Automattic has stood by its actions. A spokesperson for the company shared their perspective with Search Engine Journal, explaining:

“The beauty of open-source software is that everyone can access data on a granular level because it’s all publicly available. This data has shown that since WP Engine filed its lawsuit — drawing attention to their lack of official association with WordPress, poor service, modifications to WordPress core software, increasing and convoluted pricing structure, and repeated downtimes — their customers have been leaving for other hosting providers. WP Engine can, and always has, been able to access the WordPress software and plugins available on WordPress.org, just like anyone else.”

Despite this defense, WP Engine has pushed back strongly against Automattic’s claims, disputing the validity of the Tracker and the allegations made by Mullenweg and his team.

WP Engine’s Response to the Tracker

WP Engine has intensified its legal battle with Automattic by highlighting the WP Engine Tracker website as one of the example of harmful actions. The company alleges that the site is part of a larger strategy to damage its business and reputation.

It also claims this action exposes customers to cyber risks and has requested a preliminary injunction to remove the website and related content.

The amended lawsuit also accuses Automattic of publishing sensitive customer information, including private server details, which could lead to hacking. 

Cloudflare Blocks WP Engine Tracker Over Phishing Concerns

According to a report by Search Engine Journal, Automattic’s controversial WP Engine Tracker website was temporarily blocked by Cloudflare on November 9, 2024, due to “suspected phishing.” 

This sparked a lively debate on Reddit, where users celebrated the block and speculated whether the site’s purpose or user reports prompted the action. 

Meanwhile, a protest site targeting Matt Mullenweg was launched on the newly registered c. The WP Engine Tracker website has since been restored after Cloudflare removed the block.

Community Reactions: Controversy and Debate

In the middle of a heated trademark dispute, Matt’s decision to register the domain “wordpressenginetracker.com” has sparked discussions across online forums. 

While the tool in question is officially named “WP Engine Tracker,” the domain’s wording has raised eyebrows because it departs from the product’s branding.

A Reddit user commented on the matter, saying: “I found it odd that Matt registered wordpressenginetracker.com when the thingamajig isn’t called ‘WordPress Engine Tracker’ – it’s ‘WP Engine Tracker.‘”

A developer replied to him, suggesting that Matt’s move may have been strategic:

“‘wpengine’ is probably trademarked. It’s their company name. If Matt uses it, he could open himself up to a trademark violation — the same thing he’s accusing WP Engine of. That wouldn’t look good for his case. Bonus is that ‘wordpress engine’ helps him make the case that WP Engine is infringing on his trademark. So he probably thinks it’s a double win.“

The choice of domain name has sparked speculation about Matt’s intentions. Some see it as a clever legal maneuver to avoid trademark violations while subtly strengthening his argument against WP Engine. Others, however, question the ethics and clarity of using a name that diverges from the tool’s branding.

Some even question if sites leaving WP Engine have moved to another WordPress host or just abandoned WordPress altogether.

A comment on GitHub stated, “It’s possible some folks have left WordPress as well, so saying sites have left WP Engine doesn’t necessarily mean they’ve gone to another web host that supports WordPress. This is a really tacky endeavor. I am not impressed at all.” 

Twitter has also been active, with many users sharing their opinions. 

A thread by a WordPress expert critiques WordPress’s actions, arguing that publishing customer data without consent violates the GDPR framework. The user emphasizes that WordPress, as a data processor, is required to inform users about how their data is used, which was not done in this case.

In response, Automattic stated, “We got the domains list from several third-party sources, not from .org. It’s pretty easy for anyone to do with services like W3Techs, BuiltWith, etc. You could recreate the same with a few hours of work and a few hundred dollars. These are all public sites in DNS.”

In reply to Automattic’s statement, the user questioned the ease of obtaining such a list. He pointed out that staging subdomains are often hidden or protected, making it difficult and expensive to access all subdomains.

Security researcher Daniel Ruf called this move “amateurish.” He said:

 “I’m not sure what the goal of this website is or what Matt is trying to achieve. But the community is getting increasingly annoyed by Matt’s unprofessional behavior, and in the security community, some are even considering releasing 0-days for WordPress and related plugins/themes because of this whole situation. The feedback under the tweet from the official WordPress account and in the Reddit community shows what most of us think. The whole situation is hurting everyone more than necessary.”

As this intense battle between Automattic and WP Engine unfolds, it’s likely to lead to important discussions around data privacy, transparency, and competition within the WordPress ecosystem.

Want to stay updated on how this conflict shapes WordPress’s future? Visit WPLift for in-depth coverage, expert insights, and the latest developments in the WordPress ecosystem!