Running ProcessWire alongside other software

ProcessWire will happily run alongside almost any other PHP application, including other CMSs. However, security on your site will only be as good as the weakest link.

The more applications running on the same account, the greater the potential security issues. This is particularly a concern when running ProcessWire alongside a highly targeted CMS like WordPress, which we will use only here as an example. If your WordPress blog gets hacked, there's a chance your ProcessWire installation will also be compromised since they exist on the same account and file system.

You can avoid this potential issue by jailing applications from one another via separate accounts and/or subdomains. Specifically, this means that one account/subdomain does not have write access to the others.

As an example, lets say your ProcessWire installation runs at domain.com and your WordPress blog runs at domain.com/blog/. It would be preferable for your blog to live at blog.domain.com, on an account jailed from the ProcessWire installation. That way, when your WordPress blog gets hacked, the damage is limited to the blog and not your entire site.

Latest news

  • ProcessWire Weekly #559
    The 559th issue of ProcessWire Weekly brings in all the latest news from the ProcessWire community. Modules, sites, and more. Read on!
    Weekly.pw / 25 January 2025
  • ProcessWire 3.0.244 new main/master version
    ProcessWire 3.0.244 is our newest main/master/stable version. It's been more than a year in the making and is packed with tons of new features, issue fixes, optimizations and more. This post covers all the details.
    Blog / 18 January 2025
  • Subscribe to weekly ProcessWire news

“Yesterday I sent the client a short documentation for their ProcessWire-powered website. Today all features already used with no questions. #cmsdoneright—Marc Hinse, Web designer/developer