Securing a WordPress Multisite

Securing a WordPress Multisite
datum-geschreven 8 Jan 2024
In dit artikel

Is securing a WordPress multisite different from securing a single WordPress site?

You have more data, which is self-explanatory, including more tables in one database. All the regular tables of a single site are duplicated for each site you add.

For example, if you have usual tables like wp_options, wp_posts, now you will have them with an additional prefix. For instance, wp1_options, wp1_posts, and so on, depending on the site number.

multisite in WordPress database

What happens at the server level when you set up a Multisite?

In the uploads folder, you will now have a “sites” folder with a corresponding number as in the database. For your first site, a folder named “1” will be created, where all the files uploaded by the users of that site will be stored.

WordPress multisites

A quick note, the wp-config file will get some additional lines when you start with a Multisite, including:
define(‘WP_ALLOW_MULTISITE’, true);
(So, don’t remove this!)

What happens with the users?

It’s important to mention that a user who signs up as a subscriber is automatically subscribed to all sites within your Multisite.

The admins of a site within the Multisite cannot install plugins or themes. This must be done by the so-called “Super Admin” of the Multisite.

Advantages of a Multisite

You have multiple websites, but fortunately, only one WordPress installation to update. You don’t have to go through each WordPress site individually. The same applies to the plugins; the plugins in the main folder are used, so you don’t need to go through all the plugins of each site.

Is a Multisite less secure than having 2-3-4 separate WordPress websites?

It entirely depends on how you handle the sites.

The risk with separate sites is that you might not update everything on time.
The downside of a Multisite is the problem that arises once attackers gain access to your database, as they can directly access the content of all sites.

When considering a Multisite, you should also take into account that it may face more database attacks, as it is linked to multiple websites.

The use of strong passwords, unique usernames, and up-to-date plugins are the key to securing any type of setup.

De meeste artikelen zijn geschreven door Mathieu Scholtes, eigenaar van WPBeveiligen. Volg Mathieu op LinkedIn voor het laatste WordPress-nieuws, handige tips en exclusieve aanbiedingen.
Bezoeken op LinkedIn!

Deel jouw vraag, tip of mening!

Abonneer
Breng me op de hoogte
guest
0 Reacties
Inline Feedbacks
Bekijk alle reacties
Pak 20% korting met de combo deal!
▼ Nee nog niet