MainWP

How can we help?

MainWP Documentation > Miscellaneous > How Secure is the MainWP Plugin?
Table of Contents

How Secure is the MainWP Plugin?

Let’s go through the security measures we utilize to keep MainWP and your websites safe.

  • Your MainWP Dashboard and your Child Sites have OpenSSL encrypted communication. If OpenSSL is not available on your servers, or does not work properly, MainWP uses PHPSecLib as a fallback
  • A website can only be added to one MainWP Dashboard. Once connected, there is no chance it can be connected to another Dashboard at the same time
  • WordPress passwords are not stored on the MainWP Dashboard
  • Regular penetration tests are performed with a white hat security program on PatchStack and HackerOne
  • In-house development for all the features
  • Trusted by over 600,000 WordPress websites worldwide
  • MainWP Dashboard is a self-hosted plugin that you install on your own hosting server, giving you complete control over the security and privacy

 

Couldn’t someone else connect their Main Dashboard to my child?

Once the Child and MainWP Dashboard are connected, someone would need access to your child sites WP-Admin to disable and re-enable the plugin, thus breaking the connection between the two.

Why do most of the alternative systems use a unique ID if it’s not necessary?

We have strived from the beginning of development to make everything as user-friendly as possible. We found requiring you to enter a unique ID a wasted step for users when we can programmatically establish the secure locked connection without additional user input.

We believe if someone can get into your Child sites wp-admin area to disable and re-enable the MainWP Child Plugin to break your Main Dashboards lock on it, then you probably have bigger security problems than a unique ID is going to solve.

However, we always try to listen to our users, and we know some of you do not feel secure without having a unique security ID for each of the child sites, so we added one for you in Main Version 0.1.0 and Child Versions 0.1 and above.

The Unique Security ID will need to match when being added to the Main Dashboard. This is additional security and should not be needed in most situations.

Still Have a Questions?
Search for additional solutions in the MainWP Community or start your own discussion
MainWP Community

Still Have a Questions?

Search for additional solutions in the MainWP Community or start your own discussion.
MainWP Community
MainWP Affiliate Disclosure: Some of the links contained in the post or pages are “affiliate links.” This means if you click on the link and purchase or subscribe to a recommended item, We will receive an affiliate commission. We only recommend products or services we believe have value to MainWP users and readers. This is disclosed in accordance with the Federal Trade Commission’s 16 CFR, Part 255: “Guides Concerning the Use of Endorsements and Testimonials in Advertising.
© MainWP - WordPress Management for Professionals 2014 - 2023 - Terms of Service - Privacy Policy - Cookie Policy - Support Policy - Refund Policy
Facebook Twitter Discourse