How to Enfroce Domain Licensing Limits? [closed]

You can’t. You can only mitigate at expense to yourself.

  • People determined to do this will achieve their goal regardless of how many obstacles you place in their path
  • The GPL means you can’t control how people use the code once you put it in their hands, and you can’t prevent them modifying it
  • Nothing prevents one user from doing all the hard manual work then distributing your plugin themselves with their own automatic updater that bypasses you and your protections entirely.
  • Even if you achieved this, most people would never need to spoof a domain in the first place.
  • A lot of plugin vendors don’t do this “Domain Verification” so the answer of how they do it is simple, they don’t.
  • Most HTTP requests don’t include the domain so unless you include it yourself you wouldn’t know which domain you needed to verify in the first place.

The only method people have figured out to reliably avoid these things is to implement their product as a subscription service and move some functionality into the cloud, and sue copycats for trademark and brand infringement.

Fundamentally, the value is not in the code you sell, but in the support services and continued updates that you as the seller/vendor provide.

This is a cat and mouse game, and there is always a path to escalation. You will never defeat a determined pirate, no matter what licensing scheme you implement, no matter what code license you choose.

Misc

I know many plugin providers limit the number of activations to a certain number of domains but I am wondering how it is achieved and why it cannot be bypassed.

No plugin providers have cast iron solutions. Most do not do these checks, all can be bypassed with a little effort.

In the standard licensing model, what stops a user from using the same license on unlimited domains?

Nothing, the user can edit the code and delete the licensing functions if they wish, they have the right to do so according to the GPL license.

If my server is expected to verify which domain the request is coming from, can’t a user spoof the domain by changing a few lines of code in WordPress?

In practice people don’t spoof domains because they don’t need to, and because that’s not how these systems work.

Your server can’t verify the domain based on just what was sent in the request, that’s not how HTTP requests work. Your server sees the IP it came from, but there is no guarantee the IP maps to the domain if you were to look it up, even if it’s a legitimate request.

You can try to verify the domain, but fundamentally this gives minimal protection that is easily circumvented. The concern you have does not fit with the reality of piracy. It’s much easier to change the code that checks with your server to always say “yes” without bothering to make the request, either by modifying your plugin/theme or via filters/proxies. Likewise it’s easier to buy 1 licence and copy the updated code to hundreds of sites, or let a pirate do that for you.

Related Posts:

  1. How to implement WordPress plugin update that modifies the database?
  2. Update plugin from personal API
  3. What is the correct way to update both WP/plugins/themes without breaking the site?
  4. Redirect to another page using contact form 7? [closed]
  5. Update a previous version of plugin when the new plugin is built from the scratch
  6. How to update changes to multiple sites at the same time
  7. How to Replicate Elementor Licensing Model
  8. How to create a WordPress plugin for another wordpress plugin?
  9. Plugin update error message
  10. Customize plugin update “new version is available” text
  11. How wordpress detects a plugin update
  12. What is the correct way for a theme to support plugin UIs?
  13. Avoiding plugin name collisions with WP updater
  14. How to call “page specific menu items” in template [closed]
  15. Making plugin unique to not conflict with plugins with the same name
  16. Update Multiple Post Meta for the Same Post In One call?
  17. Function to activate WordPress theme inside a plugin
  18. plugin wants to update to wrong plugin
  19. Which functions in theme or plugin load first
  20. How to make my plugin theme-independent?
  21. How to load a new template page according to a particular URL?
  22. Should I use RIPS tool to test my themes and plugins?
  23. Plugin child folder?
  24. Autoload via composer in plugin interference
  25. Workflow and best practice for documentation [closed]
  26. Display future posts?
  27. Having separate plugins and themes folder for multi-site setup
  28. unzip a folder on specific location and delete the zip file
  29. gallery option is not available in media upload box in costum theme option page
  30. How to integrate plugin in WordPress theme
  31. How to make my plugin able to be updated from admin panel?
  32. WooCommerce get_price returning wrong price when used via ajax
  33. Open Post Thumbnail in New Child Theme File in WordPress
  34. How to use get_theme_mod in gutenberg editor wordpress?
  35. How to get current post user id
  36. Can’t update/install plugins or WordPress
  37. Display update notification messages like ‘What’s New’
  38. Display post lists in 2nd paragraph
  39. get 404 when accessing wp-admin/plugin-install.php
  40. What are the specifics of WordPress development I need to know? [closed]
  41. How to create a code editor for my plugin .?
  42. How to test ‘upgrader_process_complete’ hook in plugin development?
  43. I should enable automatic updates?
  44. Great blogs site resources/tutorial for WordPress Developers? [closed]
  45. How to write “alt” tag in image for wordpress code?
  46. Check filter defined or not?
  47. Release the plugin in the WordPress repository where redux is used
  48. How to execute plugin and theme updates from a web hook / endpoint?
  49. Shortcode Attributes to Return different $_POST
  50. How to use the CSS of the WordPress core in the development of my administration page?
  51. How (or where) do I get wordpress plugin update download link?
  52. WordPress API functions not working at AJAX functions.php call
  53. What’s the right way to implement functions in footer.php
  54. Don’t load the theme for a page FROM a plugin EDITED
  55. Extending a theme: build new features as plugin or core modules?
  56. Remember the Meta Value With Radio Buttons
  57. How do you create a re-useable HTML fragment in wordpress
  58. WordPress plugin with its own “site”/theme
  59. Yoast SEO Plug In and my Theme duplicating code. Need some feedback on what to do? [closed]
  60. Seperate plugin and theme files
  61. Xamp installed local wordpress not allowing to publish or install plugin
  62. Widgets are not displaying in the admin panel
  63. How to override any plugin file in the child theme
  64. How to set plugin auto-update Enabled by default?
  65. How to prepare (compress/zip) a plugin to enable updating instead of adding new instance?
  66. submit two file input fields in the same form
  67. Content-Security-Policy implementation with WordPress W3Total Cache plugin installed
  68. woocommerce: Customize email with item total count
  69. Child theme modifications not showing up
  70. Rename a folder via HTML POST request
  71. How to create a plugin with automatic update?
  72. How can I see $post object in frontend from functions.php?
  73. Custom Plugin Update
  74. How do I stop plugins and themes from getting updated in a new plugin?
  75. when i activate my WordPress plugin cannot see customizer options or preview
  76. Custom plugin which downloads updates from custom endpoint, extracts new version zip into a new name
  77. Remove action added in plugin class from theme
  78. Can you develop themes and plugins while using the hosting services BlueHost? [closed]
  79. Help Code Review – I need to write on .htaccess file from theme’s function.php
  80. how to add custom css at top above all css file for specific url
  81. Where do the section input fields values are stored in database
  82. Why the output of an image gallery plugin is not displayed into a page of my custom theme?
  83. Can anyone tell me why I can’t edit a plugin when it is installed without having to re-install?
  84. What is the Object for WP_Error Class?
  85. Active Plugins for current blog in WP Multisite Network? [duplicate]
  86. Breadcrumb is not generating the correct post page url
  87. Site is setup statically – how to make it content managable?
  88. How can I make a website with dynamic features with wordpress?
  89. How to create post comparison in wordpress
  90. How to include a custom thumbnail with my WordPress plugin?
  91. How to add image for custom taxonomy
  92. Integrating WordPress Content into a jQuery Slider
  93. How to escape html code?
  94. manage_{taxonomy}_custom_column not working
  95. Plugin download link
  96. Meta box not displaying on the plugin page
  97. add_meta_box showing blank screen in my page
  98. how to update wordpress plugin programmatically using plugin path
  99. How to make content as required in custom post type?
  100. What are Seeds? [closed]