Carl Hancock, Gravity Forms, GPL Interview

GPL In Practice: Carl Hancock of Gravity Forms Speaks Out

by Ben Cook on February 28, 2010

So far in GPL Week we’ve heard from three WordPress theme developers and their perspectives on one of the most divisive topics in the WordPress community. Today, however, we have the pleasure of hearing from plugin developer Carl Hancock, one of the creators of Gravity Forms.

While the GPL debate is most often discussed in terms of WordPress themes, the topic is just as contested & contentious in regards to WordPress plugins. So, what does one of the creators of the hottest plugin on the market think about the GPL? That’s what I hoped to find out.

Brian Gardner Interview

You decided to license your plugin under the GPL. What things did you consider when making this decision?

We considered a variety of options when deciding on the licensing for Gravity Forms.  Ultimately we settled on the GPL license primarily so it was in line with WordPress and allow us to be more involved in the WordPress community.
A lot of licensing schemes are in place specifically limited to stop piracy.  The fact is you can’t stop piracy.  All you can do is market a high quality product and service to honest users that are willing to pay for it.  That is what we do.  There is value in purchasing Gravity Forms because we provide a high level of support and ongoing updates to the product.

How have your experiences with the GPL compared to your expectations going into it?

Our experience with the GPL has been in line with what we expected.  We didn’t expect it to have a negative impact on our business, otherwise we wouldn’t have done it. Ultimately the average user doesn’t know what the GPL is, it’s primarily only the hardcore WordPress enthusiasts that have any clue what the GPL is all about.

Do you think your plugin would have been received differently if you hadn’t adopted the GPL?

Yes.  I think our plugin would have been received much differently by the WordPress development community.  We would have most certainly received negative press and comments thrown our way for not being GPL.  I disagree with it, but that’s just how it is. By being GPL it has enabled us to avoid that baggage.
I know that is blasphemy in the WordPress development community, but until it is proven in a court of law… I don’t agree with the notion that ALL plugins and themes must be GPL.  Is Gravity Forms GPL? Yes.  But i’m not going to look down upon anyone who chooses not to release their product under the GPL.  If it’s a good product i’ll gladly use it, GPL or non-GPL.
The average user wouldn’t have received it any differently.  As I mentioned, the average user doesn’t know what the GPL is, how it works, or why it matters.

Do you feel you’ve been helped or harmed by the GPL?

It has helped us as far as gaining acceptance within the community.  I don’t think we have experienced any harmful effects.  We just had to be creative with how we implemented our support license key system, which unlocks automatic updates, so that purchasing the plugin is more attractive than downloading it for free from a 3rd party.

Do you think the GPL impacts plugin developers differently than theme developers?

I think the major difference is the GPL debate is much clearer when it comes to themes. Matt Mullenweg has said that themes don’t necessarily have to be 100% GPL.  Despite this fact, has taking the stance that themes must be 100% GPL in order to be allowed in the WordPress repository or on the commercial theme page.
I think any theme developer that releases 100% GPL commercial themes is crazy.  Design and code are not the same thing.  Theme designers should be releasing the PHP as GPL and the images and CSS under a difference license.
Sure they won’t get the benefits of being on the commercial theme page, but is it really that valuable? I don’t think so.  Sure Matt Mullenweg won’t give you the thumbs up, but is he really out there pimping your themes now?
Don’t let someone else dictate how you run your business. Leverage the fact that you can have more control over your product by releasing it under a dual license.  It just makes sense.
But what do I know, I’m just a plugin guy…

Carl is certainly a lot more than “just a plugin guy” and I appreciate him taking the time to share with us a few of his insights on the WordPress community especially in regards to the GPL.

If you haven’t checked out Gravity Forms, you really are missing out. I’ve written up a full Gravity Forms review and give the plugin my highest recommendation. I use it in all of my WordPress projects and the support and responsiveness you get from Carl & the rest of the rocketgenius team is second to none.

Due to a couple of delays that simply couldn’t be avoided GPL Week is going to stretch into a second week. Sure it’s not technically a week but 8 or 9 days of GPL just didn’t have the same ring to it. Up next for your reading pleasure, a GPL interview with Thesis theme creator Chris Pearson. Stay tuned GPL fans!

Image sources: & Ben McLeod

{ 18 comments… read them below or add one }

Jason Fannenstiel February 28, 2010 at 10:04 pm

I’ve read that the Wishlist Membership plugin, which is very popular, is encrypted (therefore non-GPL compliant) and it is experiencing great support from WP users in terms of sales. Their traffic stats ( and recent job hirings ( support this. Sure there are some hardcore GPL-only fanatics out there that oppose it but that’s to be expected.

What the all-GPL-or-nothing crowd fails to recognize is that clients that use excellent plugins like WishList Member don’t care if it’s GPL or not. People just want well-supported plugins that work, that’s all. And you can’t provide support for your plugins from donations alone. Moreover, to not attempt to protect your premium plugin in someway is suicidal with respect to long-term sales success. A quick search on Google for the premium version of the most popular WordPress plugin, All In One SEO Pack, effectively conveys the crux of the problem (see the RapidShare and torrent results on the 1st and 2nd pages):

There’s a great legal discussion challenging the GPL that includes Matt Mullenweg arguing against some attorneys here:

In the discussion cited above Matt appears to be unable to separate his philosophy on WP from that which is legally enforceable. Based on that discussion it sounds like he knows the legal arguments that are in support of his view of the GPL but he does not comprehend the opposition’s legal arguments which seem well founded.

Ben Cook February 28, 2010 at 10:37 pm

Jason, while encrypting your plugin might prevent a few people from redistributing it, you’re not going to stop all or even most piracy.

Where I think the GPL falls down is that it encourages people that wouldn’t pirate a plugin or theme normally to distribute them freely since the license allows it. That doesn’t make much sense to me and as you pointed out, there are several varying legal opinions on the issue. The blog you linked to also has a pretty convincing argument that the GPL debate doesn’t matter to themes anyway since their use of WordPress functions could be considered fair use.

Jason Fannenstiel February 28, 2010 at 11:58 pm

Ben, you’re absolutely right that encrypting or providing some level of protection won’t entirely prevent people from pirating your work. Perhaps it’s the perception of enforcement that’s important here and not the actual ability to totally prevent all piracy. That is, if you offer some sort of deterrent to piracy and utilize a non-GPL license for your plugin/theme it may deter some people from pirating it and you should have legal ground to take action against someone that is pirating the work if you choose to do so. After all, Microsoft and other software makers still use deterrents despite there being huge issues with piracy. Also, the use of encryption or other deterrent systems would clearly indicate to the user that your theme/plugin is NOT GPL and they may not legally distribute it.

You brought up a great point about the fair use of WP functions within themes. Either way it’s all conjecture until Matt tries to enforce his legal opinions in a court of law and from the sounds of it he doesn’t ever intend on doing that. Especially since he can already effectively convince theme developers into going GPL by tempting them with links in the commercial themes directory on I imagine the same will happen to plugin developers; as more and more premium plugin developers go non-GPL Matt will have to entice them with a featured placement/link with a yet to be created premium plugin directory if they go GPL.

Whether or not a GPL-compliant premium plugin business model behaves the same as a GPL-compliant premium theme business model or if it has long-term sustainability has not been determined yet has it?

What evidence beyond the word of some GPL theme developers do we have that indicates going GPL is beneficial/harmful for long-term sustainability in the market? I’m not questioning their honesty, I’m just looking for hard evidence here. My opinion is that they benefit from the feature on but is that traffic bump and the exposure worth the loss in sales due to piracy and the lack of protection of their trademark/work?

Andreas Nurbo March 1, 2010 at 4:52 am

There is some differences between themes and plugins when it comes to selling them. That difference is how people perceive them.
Just look at how plugins are priced in comparison to themes. Gravity Forms is a very complex plugin and it is still very cheap in comparison to buying a StudioPress or WooThemes themes. Themes are expensive but since people see what they get its probably easier to sell them.

I think Dan Milward would be interesting to hear. He has successfully combined both a free GPL plugin and selling non-GPL-plugins and is still included in the WP community. Can’t exactly say the same about Chris Pearson. Or perhaps Stu McLaren of Wishlist .

Chip Bennett March 1, 2010 at 10:25 am

I have to question a premise here: does encrypting render code non-compliant with respect to GPL? If so, how and why?

Even taking the most liberal interpretation of the GPL, at worst, the developer would be compelled to provide clear-text source code upon request. And if so, as long as the developer complies with the requirement to provide clear-text source code, then does encrypting the code in and of itself violate the GPL?

So, does someone who purchases WishList have the right, under the GPL, to ask for clear-text source code?

If not, why not?

Jason Fannenstiel March 1, 2010 at 11:47 am

Chip, they could ask the WishList team to provide a unencrypted source code but WishList isn’t going to comply with that; otherwise, they wouldn’t have encrypted it in the first place.

Carl Hancock March 1, 2010 at 11:51 am

Chip: You can encrypt your code and still be GPL compliant as long as the source code is available… and that can include charging for the source code.

Carl Hancock March 1, 2010 at 11:52 am

Just so everyone is well aware, PHP Encryption is a joke. It’s easily broken. Including the encryption that WishList Member uses. It’s a deterrent that isn’t going to stop someone who really wants to pirate your plugin.

Jason Fannenstiel March 1, 2010 at 12:27 pm

Carl, I don’t think the primary benefits of encrypting the plugin is to stop people from pirating it so much as it: 1) clearly conveys to the user that the developers do not wish for it to be freely distributed, and 2) that breaking the encryption would serve as strong evidence that the user violated the developer’s license as well.

Jason Fannenstiel March 1, 2010 at 1:21 pm

Here’s something else for premium theme/plugin developers to consider. Matt Mullenweg was able to convince Brian Gardner and other first-mover premium theme developers to adopt the GPL partly by tempting them with more exposure via the commercial theme directory hosted at Those first movers received tons of traffic, and presumably more sales, being on board because there were so few premium theme developers that offered GPL compliant themes at that time. Now, however, there are nearly 50 makers/themes listed in the premium themes directory on and the traffic boost it once provided is waning due to all the competition. Perhaps more importantly, example traffic stats for some larger theme development companies listed in the commercial themes directory at indicates that being included in that directory isn’t a major source of referral traffic ( Hence, what is the major incentive now for premium theme developers to become GPL-compliant if getting listed on no longer results in a boost in traffic/sales?

Chip Bennett March 1, 2010 at 1:27 pm

@Carl: that’s what I thought.

@Jason: if the developer of Wish List claims that the plugin is released under GPL, then he violates his own license by not releasing the source code. Of course, as the copyright holder, he’s within his rights to do so – but in so doing, he’s not actually releasing GPL-compliant code.


1) Releasing code under GPL explicitly expresses the developer’s intent to allow users to use, modify, and redistribute his code – regardless of any implied intent of encryption.

2) The GPL is explicit that the user is completely unrestricted in his use of any code licensed under it. Thus, the user has every right, as granted by the GPL, to decrypt/unencode code released under GPL. Thus, breaking the encryption of GPL-released code is no evidence whatsoever that the user violated the license – in fact, quite the opposite. Any attempt by the developer to restrict the use of his code contradict the GPL under which he has released it.

Jason Fannenstiel March 1, 2010 at 1:44 pm

Chip, WishList probably isn’t released under the GPL; hence the encryption efforts (why do it; it makes no sense otherwise). Therefore a non-GPL licensed WishList plugin is encrypted to deter free redistribution of the code, to convey to the user that it is not GPL (because it would be stupid to encrypt something that is), and to serve as evidence that the user violated the developer’s non-GPL license break the encryption.

Chip Bennett March 1, 2010 at 1:51 pm

@Jason: yes, reading their licensing information, it is clear that Wish List is not GPL.

However, I was merely questioning the assertion that such a plugin is inherently incompatible with the GPL. I contend that it isn’t – and, like you said, using encryption on such a GPL plugin would be foolish.

Jason Fannenstiel March 1, 2010 at 4:32 pm

Yes, using encryption on a GPL licensed plugin would be stupid as I implied. What do you not understand about that statement?

Chip Bennett March 2, 2010 at 12:03 am

@Jason: how is agreeing with you construed or inferred to be misunderstanding your statement? I’m agreeing with you that encrypting GPLed code is foolish.

Andreas Nurbo March 2, 2010 at 2:55 am

@jason Brian Gardner has on numerous occasions said that Matt didn’t have anything to do with them going GPL.

Russell Jamieson July 17, 2010 at 3:21 pm

As a plugin developer I concur with Carl that the pragmatic approach is develop GPL compliant plugins and offer pro/premium versions that offer support, upgrades and enhanced features.

With regard to the potential dual licensing of Wordpress themes (PHP under GPL and CSS/images under non GPL) and Thesis in particular, Chris Pearson is between a rock and a hard place since his customers buy Thesis not for the CSS and images but for ease of customization in adding their own CSS and images (and PHP customizations).

If GPL is enforceable at all, Chris is likely to lose. It will be down to higher level principles, not the specifics of Wordpress and Thesis. I guess that Chris simply does like the idea of the GPL as he sees it as ‘inorganic’ in his organic business, and believes that, in the land of the free, Wordpress should not be able to impose their view on how he should sell his own software. We may have a GPL test case on our hands in the coming months as the rhetoric on both sides shows no mood for compromise.

John Morris November 7, 2011 at 1:21 pm

Hey guys!

Interesting discussion. Just a couple points of clarification on WLM (I’m one of the developers at WishList Products):

1. WishList Member is not developed by a single person. We have 14 full-time employees, the majority of which are developers and support staff. We also have a few part-time employees to add to that.

2. WishList Member is technically obfuscated, not encrypted. It’s probably more just semantic difference, but obfuscation means it can be reversed (as Carl pointed out).

3. WishList Member is not released under the GPL. As mentioned, while technically okay, it would be a bit silly for us to release it as GPL, but encrypt it.

As for releasing GPL vs not releasing GPL, we’ll see how this whole discussion plays out and adapt accordingly.

Speaking for myself and not the company, I personally agree with Carl that a business or developer needs to look at their own situation and make the best decision for them.

Previous post:

Next post: