Securing WordPress Multisite With AIOWPS Plugin helps you understand and setup the plugin in a single network site.
Last Updated: June 7, 2020
Latest News: Updated the documentation.
The following instructions show you how to set up AIOWPS in a single network site. You will also learn about the features available in a single site in comparison to the main network site. You will also learn how to configure the features correctly in a single sub site and more.
Information: The aiowps code identifies a site as being primary if the blog ID equals to 1 in a multi-site install.
WordPress Multisite Setup Tutorials
- Setup WordPress Multisite Locally Using Xampp
- Adding Sites Locally WordPress Multisite
- WordPress Multisite Managing AIOWPS Plugin Single Site
Note: Remember some features have been removed from the admin menu in single network sites.
Securing WordPress Multisite With AIOWPS Plugin
The following images shows you All In One WP Security & Firewall admin menu setup from the main multisite and a single network site.
Network Admin Site
Step 1 ) The following menu allows you to manage and set up the following tabs. Some tabs have a total number next to them. This number is added to the total after you have completed and saved your settings. The total will show up in your Dashboard Security Strength Meter. The maximum total count in the meter is 505 points.
- Settings = 5 points
- User Accounts = 20 points
- User Login = 25 points
- User Registration = 50 points
- Database Security = 30 points
- Filesystem Security = 40 points
- Blacklist Manager = 15 points
- Firewall = 135 points
- Brute Force = 125 points
- Spam Prevention = 30 + 10 more when BuddyPress is installed and activated.
- Scanner = 20 points
Network Single Site
Step 2 ) The following images illustrates the menu in a single network site. It allows you to manage and set up the following tabs.
Notice: Some of the tabs are not available in a network single site.
Network Single Site
- User Accounts
- User Login
- User Registration = This feature can only be set up in the main admin site.
- Database Security = The following feature DB Prefix is not included in the sub site.
- Brute Force = The following features are not included in the sub site = Cookie Based Brute Force Prevention, Login Whitelist and Honeypot
- Spam Prevention
From the two lists above you can see the difference between the main admin network site and the single network site.
Step 3 ) The following list of features are not included in the single network site because they write to the .htaccess file. The .htaccess file is managed only by the main admin network site. This rule applies to all plugins that are installed in a multisite network setup.
Features Only Included In The Admin Network Site
- Filesystem Security
- Blacklist Manager
Configure Brute Force In A Single Network Site
Step 4 ) Lets look at how to set up the Brute Force Rename Login Page feature in a single network site. Remember if you need to know what a sub site URL looks like, check Step 2 ) in the following URL Adding Sites Locally WordPress Multisite.
Note: Some of the Brute Force features have been removed from the Single Network Site because of the writing rules mentioned above.
Brute Force Features Missing From Single Network Site
- Cookie Based Brute Force Prevention
- Login Whitelist
Step 5 ) Once you are in the sub site admin panel dashboard, go to WP Security -> Brute Force -> Rename Login Page to set up this feature. The following shows you the options you can set up.
- Enable Rename Login Page Feature:
- Login Page URL:
- Click on Save Settings button once you have completed the set up.
After you have set up the Rename Login Page secret word the login URL will be different. The following URL shows you the single network site network-test-1 plus the secret word 123456.
This means that the following will not work any more.
Rename Login Page Test
Step 6 ) In this step you will test to see if Rename Login Page works correctly. When you go to the browser and enter the normal login path with wp-admin or wp-login you should see the following error message as illustrated in the following image. If you don’t then there is something wrong.
Browser Login Error Message
- WordPress > Error = This browser tab is showing you that the following URL has produced an error. This means that it is working.
- Not available = It is obvious that nothing should be displayed since you landed in a page that in theory does not exist any more. This also lets you know that the set up is working correctly.
To test to see if the security feature is working correctly, view the webpage source code via the browser.
The following HTML tags are displayed when you view the source code. There is a few more HTML code, some CSS and a little header also in the source code but that is all. This tells you that the security feature is working correctly.
The above instructions points out how this security feature works in a single network site. I highly recommend you to enable this feature in all your sub-sites.
If you have any questions please let me know.
Return to WordPress Multisite Tutorials