If you're providing your servers for free and include them as the primary update mechanism to an open source project for millions of websites, maybe you shouldn't use that as an extortion mechanism holding millions of websites hostage.

Taking away access to those servers is one thing, doing it without warning putting millions of sites at risk is another.