Is customizing an existing plugin legal and safe?

  • miguelsoares

    (@miguelsoares)


    7 years ago

    Hi guys, total WP noob here.

    I would like to know if I can buy a plugin and then ask a developer to customize its code to expand it’s functionality and meet my business requirements.

    Is this legal?

    What about safety? I was reading that if I do this, when the plugin gets updated the customization changes may be lost. But can’t I simply create my own custom plugin by copy/pasting the code from an existing plugin and use that as a base to start writing more code on top to build my plugin?

    If the original plugin has some vulnerability, when hackers scan my website, they will not find that plugin but instead a custom one, so would that make it more secure because they know nothing about this plugin?

    Or they scan for functions/scripts within the plugin?

    I hope my questions are not too stupid… sorry if they are.

Viewing 1 replies (of 1 total)
  • catacaustic

    (@catacaustic)

    Any plugins for WordPress should have been distrubuted with GPL licensing, which allows you to modify the code as much as you want to. You’ll have to read the license to get teh full requirements, but that’s basically the overview. Plugins purchased form other sources outside of this site may have different licenses, so you’d have to look at those on a case-by-case basis to be sure.

    If you do modify a plugin it will be over-written any time that plugin updates. Unfortualtey plugins don’t have “child plugins” the way that themes do. Having said that you can copy the code into a new plugin and use that as much a syou need to.

    As far as ecurity, you will be open to vunerabilities that are found with the original plugin because yu’re not updating the code that you’ve copied across. There’s not much that can be done about that apart from looking at every update for that plugin to see what’s changed.

    If hackers can exploit a vunerability, they’ll try. You might be able to get away with it if the plugin is in a different folder name/structure to the original, but some hackers will just scan everything, so there’s no guarantees there.

Viewing 1 replies (of 1 total)
  • The topic ‘Is customizing an existing plugin legal and safe?’ is closed to new replies.