Running ProcessWire alongside other software

ProcessWire will happily run alongside almost any other PHP application, including other CMSs. However, security on your site will only be as good as the weakest link.

The more applications running on the same account, the greater the potential security issues. This is particularly a concern when running ProcessWire alongside a highly targeted CMS like WordPress, which we will use only here as an example. If your WordPress blog gets hacked, there's a chance your ProcessWire installation will also be compromised since they exist on the same account and file system.

You can avoid this potential issue by jailing applications from one another via separate accounts and/or subdomains. Specifically, this means that one account/subdomain does not have write access to the others.

As an example, lets say your ProcessWire installation runs at domain.com and your WordPress blog runs at domain.com/blog/. It would be preferable for your blog to live at blog.domain.com, on an account jailed from the ProcessWire installation. That way, when your WordPress blog gets hacked, the damage is limited to the blog and not your entire site.

Latest news

  • ProcessWire Weekly #556
    In the 556th issue of ProcessWire Weekly we're going to share the latest core development news, highlight a new third party module, and more. Read on!
    Weekly.pw / 4 January 2025
  • Custom Fields Module
    This week we look at a new ProFields module named Custom Fields. This module provides a way to rapidly build out ProcessWire fields that contain any number of subfields/properties within them.
    Blog / 30 August 2024
  • Subscribe to weekly ProcessWire news

“We were really happy to build our new portfolio website on ProcessWire! We wanted something that gave us plenty of control on the back-end, without any bloat on the front end - just a nice, easy to access API for all our content that left us free to design and build however we liked.” —Castus, web design agency in Sheffield, UK