So one of the big changes I made on my new slice is to centralize my WordPress blogs. I run three WordPress sites, and having to upload a whole new codebase three times while being careful not to overwrite my customizations, plugins, themes, etc. was beginning to grate. It would be better to have one unit of code that I could maintain and tweak. But was that possible without going down the MU route?
The answer is that not only is it possible, but it's also rather easy. I made a modification to my wp-config.php file that appends a host name prefix to every WP table in the database. So I run everything in one database, and the wordpress PHP code just chooses the tables to run off of based on the requested host. Pretty slick, because it also means I can keep all my themes, plugins, etc. in one place and just turn them on and off in the different tables. And I'm using Subversion to run updates, which means it doesn't overwrite files I've modified, while still letting me do updates with one command.
So I guess now that I've found such a convenient solution to my problem, I'm wondering
if it's vulnerable at all how vulnerable it is. I suppose I'm advertising any security holes, but I'm a pretty transparent internet user, and all the data's backed up anyway - plus, I keep a pretty good eye on the server, and it's locked up rather tight for anything that would be terribly damaging. But all you WordPress gurus: what do I need to know about this approach? Is it insecure? Are there performance issues with which I need to concern myself? This is running everything from my personal blog to a moderate traffic aggregator. I'd appreciate any insight or warnings or sharp tongue lashings you could provide.
And of course, this is only the first step. I still want to do a full reengineering of my stylesheet and clean up loose ends in the design. And I'm gonna implement some long-overdue social networking upgrades... you'll see. So stay tuned for more wordpress-y goodness.Read this article