How does MainWP authenticate to child sites?

Interestingly there isn’t any authentication that you have to setup between child sites and the dashboard. How does it authenticate? Is the child site willing to add itself to the first dashboard that requests it? Is that why the child site warns about connecting to a dashboard to prevent a possible security risk?

1 Like

When MainWP Dashboard connects to a child site for the first time, it generates Public and Private key pair (2048 bits length) by using the openssl_pkey_new() OpenSSL function. The public key gets saved on the child site, and the Private key gets saved on MainWP Dashboard.

Yes and Yes, if you are not going to connect to your Dashboard right away either deactivate the child until you are ready or add a unique security ID to your Child site.

You can find out more in this KB article MainWP Dashboard - Child Synchronization Process Explained - MainWP Documentation

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.