How can we help?

Table of Contents

How Secure is the MainWP Plugin?

Let’s go through the security measures we utilize to keep MainWP and your websites safe.

  • Your MainWP Dashboard and your Child Sites have OpenSSL encrypted communication. If OpenSSL is not available on your servers, or does not work properly, MainWP uses PHPSecLib as a fallback
  • A website can only be added to one MainWP Dashboard. Once connected, there is no chance it can be connected to another Dashboard at the same time
  • WordPress passwords are not stored on the MainWP Dashboard
  • Regular penetration tests are performed with a white hat security program on PatchStack and HackerOne
  • In-house development for all the features
  • Trusted by over 600,000 WordPress websites worldwide
  • MainWP Dashboard is a self-hosted plugin that you install on your own hosting server, giving you complete control over the security and privacy


Couldn’t someone else connect their Main Dashboard to my child?

Once the Child and MainWP Dashboard are connected, someone would need access to your child sites WP-Admin to disable and re-enable the plugin, thus breaking the connection between the two.

Why do most of the alternative systems use a unique ID if it’s not necessary?

We have strived from the beginning of development to make everything as user-friendly as possible. We found requiring you to enter a unique ID a wasted step for users when we can programmatically establish the secure locked connection without additional user input.

We believe if someone can get into your Child sites wp-admin area to disable and re-enable the MainWP Child Plugin to break your Main Dashboards lock on it, then you probably have bigger security problems than a unique ID is going to solve.

However, we always try to listen to our users, and we know some of you do not feel secure without having a unique security ID for each of the child sites, so we added one for you in Main Version 0.1.0 and Child Versions 0.1 and above.

The Unique Security ID will need to match when being added to the Main Dashboard. This is additional security and should not be needed in most situations.

Still Have a Questions?
Search for additional solutions in the MainWP Community or start your own discussion