Removing the “powered by WordPress” attribution text

December 11th, 2009 | by Sean |

I saw a request for help with English grammar from a member of a forum I often visit, so had a quick peep at his website. It looked great, nice copyright message and all. He seemed to be suggesting that it was all his own work, so I had a quick look at the page source. It was WordPress. I had a look back at his site again, and noticed that the “powered by WordPress” text was missing.

WordPress

WordPress

I had a dim recollection of some free projects back in the day asserting that the “Powered by Whatever” was part of the licence for using the software. WordPress – apparently – makes no such demand. I’m a bit anal about some of these things, so if I passed off someone else’s work as my own, I wouldn’t sleep so well at night. If it’s a moral argument… I’m so disinterested, I can’t finish the sentence.

While I was reading some other points of view on the topic, I came across this thread at Crazy On Tap suggesting that removing attribution is something jerks do. By the time I read the thread, I’d already decided that if WordPress don’t ask people to show the attribution, it really is the jerk’s choice to remove it, and you can’t really blame the jerk. Perhaps even referring to them as a jerk wouldn’t be fair. I know I wouldn’t do that. Hey – jerks have rights and feelings too!

I had nothing more to say about the subject, it was a ‘done deal’ in my head. I’d decided that I was right to keep my attribution, and the … other people … were right to remove it on their WordPress installations. Nothing more needed to be said on the matter. No act of philanthropy needed to the guy asking for English grammar help on the forum, he’d failed my new philanthropy test. I’ve saved a few minutes of my life. And then an argument against attribution on the Crazy On Tap thread caught my eye.

On top of that, the stack of code that WordPress is usually running on dwarfs WordPress in complexity. So really if one wants to talk attribution, there should be WordPress, PHP, MySQL, Apache, Linux, and so on.

I can’t decide whether this is a straw man or a slippery slope argument. Maybe I’m not very smart. Personally, I do try to name-check all the open source software (and even occasionally, hardware that has exceeded my expectations) I use. The thing that tweaked my ‘autistic response nerve’ was the bit about attribution for the software stack. I spend a lot of time looking at HTTP – the messages that are sent between your browser and a website. I guess perhaps there are more people than just me who actually care about the nuts and bolts of websites and how stuff is transferred back and forth that do. For people like us, the attribution is there.

First off, the headers from Crazy On Tap, the site the quote above is taken from:

sean@taiguima:~$ curl --head crazyontap.com
HTTP/1.0 200 OK
Date: Thu, 10 Dec 2009 14:23:24 GMT
Server: Apache/1.3.41 (Unix) PHP/4.4.9 mod_log_bytes/1.2 mod_bwlimited/1.4 mod_ssl/2.8.31 OpenSSL/0.9.8e-fips-rhel5
X-Powered-By: PHP/4.4.9
Set-Cookie: SESSION=f5f822a86438999a7ecc824560481ca1; expires=Fri, 10 Dec 2010 14:23:24 GMT
Expires: Wed, 09 Dec 2009 14:23:24 +0000GMT
Last-Modified: Thu, 10 Dec 2009 14:23:24 +0000
Cache-Control: private
Content-Type: text/html
X-Cache: MISS from box0043.localnet
Via: 1.0 box0043.localnet (squid/3.0.STABLE10)
Proxy-Connection: close

Attributed in the HTTP header, is Apache – the free open-source HTTP server, Unix (African or European, I’m not sure which is faster), PHP – the free open source web page scripting language and OpenSSL – the free open source secure communications protocol. The cache headers were added by the free open source Squid cache running on a server on my desk.

Now take a look at the headers from the website linked to by the author of the quote above:

sean@taiguima:~$ curl --head http://www.yafla.com/dforbes
HTTP/1.0 200 OK
Date: Thu, 10 Dec 2009 14:28:47 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 69522
X-Cache: MISS from box0043.localnet
Via: 1.0 box0043.localnet (squid/3.0.STABLE10)
Proxy-Connection: close

For someone who seems so keen to stand up for his right to remove the attribution for free open source software, his headers provide 3 separate mentions for restrictively-licensed software he has paid for. I don’t get it. But maybe I’m just not very smart.

Just to finish off, I looked at those headers using cURL, a free open-source utility that does so many things it’s almost possible to explain simply. I use it for viewing and testing HTTP ‘conversations’. You can see HTTP headers sent by a webserver using this page at spider.my.

One last thing before I post this, I bothered to check the foot of the page at Crazy On Tap, and saw the attribution for FruitShow, a minimalistic forum project. That looks really interesting, I must try to think of a use for it!

  1. 2 Responses to “Removing the “powered by WordPress” attribution text”

  2. By Daniel on Jan 16, 2011 | Reply

    Well put! However, now I’m curious what your thoughts are on modifying the server headers in apache to include wordpress (any other other included libraries such as jquery) then removing the reference from the page.

    Some might argue that this would give equal attribution to all of them, since they can all be found in the same spot. While others might say its best to keep these attributes in the default places so that those potentially interested in knowing which library/engine was used, knows where to find it.

  3. By Sean on Jan 16, 2011 | Reply

    I think for document-building software (like WordPress), attribution in the page source is the right place to do it. For server plugins, there’s no conscionable choice but to add something to the HTTP headers. I guess packages used in the building of a page could try to add attribution spam to the HTTP headers, but I think spamming there would be feeding the wrong eyes. If you want to copy seek inspiration from someone’s beautiful documents, you look at the page source. If you wonder how a site can send so many responses to so many concurrent clients, you look in the HTTP headers.

    Things are okay as they are. I’m not a big fan of the ‘X-Powered-By’ header field, nor of spam-stuffing the ‘Server’ field. There’s a lot of big projects that are attributed there – I wonder how else they could get their message out. By coincidence, a project of mine currently has a design flaw in the way it handles unimplemented request methods, and has been locking up after receiving an ‘OPTIONS’ request. I wonder if there’s some scope for an “Allow: PLATFORM” response which indicates an implemented attribution response? Rather than send out attribution with absolutely every response, there could be a dedicated method for that once-a-month request from someone who genuinely wants to know how you implemented your site. Then again, maybe it’s not so easy to arrange for a one-off means of notifying your platform what components should currently be acknowledged. A dedicated URL such as /attributions.txt might be a clean way to do it, but /robots.txt and /favicon.ico are contentious from a ‘reserved URL’ point of view, aren’t they?

    I think it’s okay as it is. People who write components will try to sneak attribution in wherever they can, people who don’t want the attribution to go out will try to hide it. I think it’s reasonable to expect no attribution at all, and to go ‘sociable’ and email the site admin if you really want to know how they did it. If they have a great site and get too many such queries, I’m sure they can put the answer in their ‘About’ or ‘FAQ’.

Sorry, comments for this entry are closed at this time.