Best practices with commercial plugins

Be aware that WordPress is GPL licensed. Any plugin that uses any of WordPress’s internal structures or functions is a derivative and must also be GPL-licensed (or using compatible licensing in some fashion).

A plugin that “tightly integrates” with WordPress (almost all do) but which is not licensed in a GPL-Compatible fashion is in violation of the license and is illegal.

I don’t understand your question. Correct approach to doing what? If you want to sell your plugin, then sell it. Nothing in the GPL prevents you from doing that.

If you want tips on protecting your plugin from other people redistributing it or protecting it, then we probably can’t help you. The purpose of the GPL is to specifically allow for redistribution.

Basically, you’re wanting to know how to implement a DRM scheme, and since we’re all probably pretty much opposed to DRM, it’s unlikely you’ll get any good advice here.

Essentially, we don’t generally talk about non-free products in this forum. Non-free products are not generally welcome here.

If I got the GPL part correct, I should license the plugin under GPL too, and by doing so I can not sell it and it should not be obfuscated.

No, you can sell GPL plugins all you want. You can’t obfuscate their code, I grant you, but there’s nothing that says that you can’t sell GPL code.

Obfuscation is always trivially easily bypassed in PHP anyway. It never works in any effective means. I’ve yet to see any PHP obfuscation technique that can’t be cracked in under 5 minutes.

The other alternative I see is to not sell the plugin but offer “a site-building service”, which will involve building a digg-style site w/ GPL licensed stuff and charging for the work and not for the product. Is this correct ?

The service professional approach, yes. Generally speaking, that’s the more common way of doing things. More money in it too, because everybody wants their site to be different, so you customize.