Hacking Risks with Dashboard and Child Sites on SAME server

tony2476 · September 19, 2023, 11:40pm

I am wondering if there are any specific “hacking / exploit” risks that I should be aware of IF I host Child websites on the same server where the Main WP Dashboard is installed.

My concern is what happens IF a child site gets hacked. Would that hacker also gain access to ALL child sites via the the Dashboard plugin on the same server.

Does anyone in the community have any advice or security recommendations regarding the pros vs cons on installed the Dashboard and Child sites on the same server?

bojan · September 20, 2023, 12:51pm

Hi @tony2476

In short, no. There are no risks at all related to MainWP plugins themselves.

If a child site were to get hacked, the Dashboard would not be vulnerable just because that child site is added to a Dashboard.

Due to the nature of public key cryptography, the Dashboard can control the child site, but the child site cannot control the Dashboard in any way.

The only potential concern for this scenario would be if the hosting has poor app/site isolation.

So, the hacker could potentially use an exploit, which would be completely irrelevant and unrelated to MainWP, to gain access to the Dashboard site.

However, hosts these days are usually very good at isolation and overall security.

While there is a small increase in risk by hosting child sites and the Dashboard on the same server, that risk does not arise due to MainWP.

You can find out more more about MainWP security at this URL: https://mainwp.com/how-secure-is-mainwp/

tony2476 · September 22, 2023, 3:13pm

Thanks for answering my question about security.

system · October 22, 2023, 3:14pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.