Oct 072016

Securing WordPress Multisite With AIOWPS Plugin helps you understand and setup the plugin in a single network site.

Last Updated: June 7, 2020

Latest News: Updated the documentation.

The following instructions show you how to set up AIOWPS in a single network site. You will also learn about the features available in a single site in comparison to the main network site. You will also learn how to configure the features correctly in a single sub site and more.

Information:Ā TheĀ aiowps code identifies a site as being primary if the blog ID equals to 1 in a multi-site install.

WordPress Multisite Setup Tutorials

Note: Remember some features have been removed from the admin menu in single network sites.

Securing WordPress Multisite With AIOWPS Plugin

The following images shows you All In One WP Security & Firewall admin menu setup from the main multisite and a single network site.

Network Admin Site

Step 1 )Ā The following menu allows you to manage and set up the following tabs. Some tabs have a total number next to them. This number is added to the total after you have completed and saved your settings. The total will show up in your Dashboard Security Strength Meter. The maximum total count in the meter is 505 points.

  1. Dashboard
  2. Settings = 5 points
  3. User Accounts = 20 points
  4. User Login = 25 points
  5. User Registration = 50 points
  6. Database Security = 30 points
  7. Filesystem Security = 40 points
  8. Blacklist Manager = 15 points
  9. Firewall = 135 points
  10. Brute Force = 125 points
  11. Spam Prevention = 30 + 10 more when BuddyPress is installed and activated.
  12. Scanner = 20 points
  13. Maintenance
  14. Miscellaneous


Network Single Site

Step 2 ) Ā The following images illustrates the menu in a single network site. It allows you to manage and set up the following tabs.

Notice: Some of the tabs are not available in a network single site.

Network Single Site

  1. Dashboard
  2. Settings
  3. User Accounts
  4. User Login
  5. User Registration = This feature can only be set up in the main admin site.
  6. Database Security = The following featureĀ DB PrefixĀ is not included in the sub site.
  7. Brute Force = The following features are not included in the sub site =Ā Cookie Based Brute Force Prevention,Ā Login Whitelist andĀ Honeypot
  8. Spam Prevention
  9. Maintenance
  10. Miscellaneous


From the two lists above you can see the difference between the main admin network site and the single network site.

Step 3 ) The following list of features are not included in the single network site because they write to the .htaccess file. The .htaccess file is managed only by the main admin network site. This rule applies to all plugins that are installed in a multisite network setup.

Features Only Included In The Admin Network Site

  1. Filesystem Security
  2. Blacklist Manager
  3. Firewall
  4. Scanner

Configure Brute Force In A Single Network Site

Step 4 )Ā Lets look at how to set up the Brute Force Rename Login Page feature in a single network site. Remember if you need to know what a sub site URL looks like, check Step 2 ) in the following URLĀ Adding Sites Locally WordPress Multisite.

Note: Some of the Brute Force features have been removed from the Single Network Site because of the writing rules mentioned above.

Brute Force Features Missing From Single Network Site

  • Cookie Based Brute Force Prevention
  • Login Whitelist
  • Honeypot

Step 5 )Ā Once you are in the sub site admin panel dashboard, go to WP Security -> Brute Force -> Rename Login Page to set up this feature. The following shows you the options you can set up.

  • Enable Rename Login Page Feature:
  • Login Page URL:
  • Click on Save Settings button once you have completed the set up.


After you have set up the Rename Login Page secret word the login URL will be different. The following URL shows you the single network site network-test-1 plus the secret word 123456.


This means that the following will not work any more.

  • [http://localhost/wpmu/network-test-1/wp-admin.php/]
  • [http://localhost/wpmu/network-test-1/wp-login.php/]

Rename Login Page Test

Step 6 ) In this step you will test to see if Rename Login Page works correctly. When you go to the browser and enter the normal login path with wp-admin or wp-login you should see the following error message as illustrated in the following image. If you don’t then there is something wrong.

Browser Login Error Message

  • WordPress > Error = This browser tab is showing you that the following URL has produced an error. This means that it is working.
  • Not available = It is obvious that nothing should be displayed since you landed in a page that in theory does not exist any more. This also lets you know that the set up is working correctly.


To test to see if the security feature is working correctly, view the webpage source code via the browser.

The following HTML tags are displayed when you view the source code. There is a few more HTML code, some CSS and a little header also in the source code but that is all. This tells you that the security feature is working correctly.

<body id=”error-page”>
<p>Not available.</p></body>

The above instructions points out how this security feature works in a single network site. I highly recommend you to enable this feature in all your sub-sites.

If you have any questions please let me know.


Return to WordPress Multisite Tutorials

I have been working in IT since 1999 and I enjoy the challenges it brings me. I love developing websites with WordPress. I spend a lot of time helping out in wordpress.org forums. I have been writing tutorials since 2011. Now I am learning how to manage my own VPS "Virtual Private Server.

  2 Responses to “Securing WordPress Multisite With AIOWPS Plugin”

  1. Dear Manuel,

    Thank you for the above explanation.
    I am encountering an issue when trying to activate the plugin on my multisite.
    It is giving me an 404 and I am not sure how to fix this.

    Do you perhaps know how this can be solved?

    Thank you very much.


    • Hi Marvin, a 404 error message is when a page is not found. It is very odd that you are receiving such a message when you are activating the plugin. Do you know what page or file the 404 error message is referring too? Also carry out the following. Delete the plugin, and download and install a fresh copy. Let me know what happens.


 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



We use cookies in order to give you the best possible experience on our website. By continuing to use this site, you agree to our use of cookies.
Privacy Policy