{"id":1776,"date":"2025-05-22T22:42:17","date_gmt":"2025-05-22T20:42:17","guid":{"rendered":"https:\/\/olvy.net\/blog\/?p=1776"},"modified":"2025-12-30T23:02:44","modified_gmt":"2025-12-30T22:02:44","slug":"how-to-run-wordpress-securely-in-a-sandbox-subfolder","status":"publish","type":"post","link":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/","title":{"rendered":"How to Run WordPress Securely in a Sandbox Subfolder"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-1058 aligncenter\" src=\"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png\" alt=\"Wordpress WooCommerce Nginx\" width=\"700\" height=\"366\" srcset=\"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png 700w, https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google-300x157.png 300w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/p>\r\n<p class=\"\" data-start=\"131\" data-end=\"400\">Running <a href=\"https:\/\/wordpress.org\/\" target=\"_blank\" rel=\"noopener\">WordPress<\/a> in a subfolder like <code data-start=\"169\" data-end=\"195\"><span style=\"font-size: 12pt;\">https:\/\/example.com\/blog<\/span><\/code> can help boost SEO, but it also introduces security concerns. WordPress and its plugins are common attack targets, and hosting them alongside your main website can expose the entire server if compromised.<\/p>\r\n<p class=\"\" data-start=\"402\" data-end=\"626\">This article explains how to <strong data-start=\"431\" data-end=\"474\">sandbox WordPress in a secure subfolder<\/strong> using either <a href=\"https:\/\/nginx.org\/\" target=\"_blank\" rel=\"noopener\"><strong data-start=\"488\" data-end=\"497\">Nginx<\/strong><\/a> or <a href=\"https:\/\/httpd.apache.org\/\" target=\"_blank\" rel=\"noopener\"><strong data-start=\"501\" data-end=\"511\">Apache<\/strong><\/a>, with separate system permissions and isolated PHP-FPM pools \u2014 reducing the risk of your main site being affected.<\/p>\r\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\"><p class=\"ez-toc-title\" style=\"cursor:inherit\">Contents<\/p>\n<\/div><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#why_sandbox_wordpress\" >Why Sandbox WordPress?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#prerequisites\" >Prerequisites<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#nginx_sandbox_configuration\" >Nginx Sandbox Configuration<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#apache_sandbox_configuration\" >Apache Sandbox Configuration<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#final_thoughts\" >Final Thoughts<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"\" data-start=\"633\" data-end=\"658\"><span class=\"ez-toc-section\" id=\"why_sandbox_wordpress\"><\/span>Why Sandbox WordPress?<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n<p class=\"\" data-start=\"660\" data-end=\"869\">WordPress is powerful but also complex and plugin-heavy. If exploited, it can grant attackers access to your web server, especially if everything runs under the same user account. Sandboxing WordPress ensures:<\/p>\r\n<ul data-start=\"870\" data-end=\"1125\">\r\n<li class=\"\" data-start=\"870\" data-end=\"951\">\r\n<p class=\"\" data-start=\"872\" data-end=\"951\"><strong data-start=\"872\" data-end=\"896\">Filesystem isolation<\/strong>: WordPress can\u2019t write or read outside its own folder.<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"870\" data-end=\"951\">\r\n<p class=\"\" data-start=\"872\" data-end=\"951\"><strong data-start=\"954\" data-end=\"975\">Process isolation<\/strong>: PHP-FPM runs under a unique user with limited permissions.<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"870\" data-end=\"951\">\r\n<p class=\"\" data-start=\"872\" data-end=\"951\"><strong data-start=\"1038\" data-end=\"1056\">Better control<\/strong>: Logs, errors, and performance metrics are easier to manage per app.<\/p>\r\n<\/li>\r\n<\/ul>\r\n<h2 class=\"\" data-start=\"1132\" data-end=\"1148\"><span class=\"ez-toc-section\" id=\"prerequisites\"><\/span>Prerequisites<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n<ul data-start=\"1150\" data-end=\"1305\">\r\n<li class=\"\" data-start=\"1150\" data-end=\"1190\">\r\n<p class=\"\" data-start=\"1152\" data-end=\"1190\">A Linux server running Nginx or Apache<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1191\" data-end=\"1243\">\r\n<p class=\"\" data-start=\"1193\" data-end=\"1243\">PHP-FPM installed and configured with Unix sockets<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1244\" data-end=\"1305\">\r\n<p class=\"\" data-start=\"1246\" data-end=\"1305\">A dedicated system user (e.g., <code data-start=\"1277\" data-end=\"1283\">blog<\/code>) to isolate WordPress<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1244\" data-end=\"1305\">\r\n<p class=\"\" data-start=\"1246\" data-end=\"1305\">Assuming that WordPress is jailed in a separate subfolder, like:<br \/><code><span style=\"font-size: 12pt;\">\/home\/blog\/public_html\/<\/span><\/code><\/p>\r\n<\/li>\r\n<\/ul>\r\n<h2 class=\"\" data-start=\"718\" data-end=\"751\"><span class=\"ez-toc-section\" id=\"nginx_sandbox_configuration\"><\/span>Nginx Sandbox Configuration<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n<p class=\"\" data-start=\"753\" data-end=\"914\">Place the following configuration blocks <strong data-start=\"794\" data-end=\"845\">before the main site&#8217;s location rules<\/strong> to ensure priority handling of <code data-start=\"877\" data-end=\"884\"><span style=\"font-size: 12pt;\">\/blog<\/span><\/code> requests. This configuration:<\/p>\r\n<ul data-start=\"915\" data-end=\"1049\">\r\n<li class=\"\" data-start=\"915\" data-end=\"959\">\r\n<p class=\"\" data-start=\"917\" data-end=\"959\">Caches and serves static files efficiently<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"960\" data-end=\"1007\">\r\n<p class=\"\" data-start=\"962\" data-end=\"1007\">Uses a dedicated PHP-FPM socket for WordPress<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1008\" data-end=\"1049\">\r\n<p class=\"\" data-start=\"1010\" data-end=\"1049\">Ensures URL rewriting works as expected<\/p>\r\n<\/li>\r\n<\/ul>\r\n<div class=\"level2\">\r\n<pre class=\"prettyprint  lang-nginx prettyprinted\"><span style=\"font-size: 12pt;\"><span class=\"pln\">[...]<br \/><br \/>location <\/span><span class=\"pun\">~<\/span> <span class=\"pun\">^<\/span><span class=\"str\">\/blog\/<\/span><span class=\"pun\">(.*<\/span><span class=\"pln\">\\.<\/span><span class=\"pun\">(<\/span><span class=\"pln\">eot<\/span><span class=\"pun\">|<\/span><span class=\"pln\">otf<\/span><span class=\"pun\">|<\/span><span class=\"pln\">woff<\/span><span class=\"pun\">|<\/span><span class=\"pln\">woff2<\/span><span class=\"pun\">|<\/span><span class=\"pln\">ttf<\/span><span class=\"pun\">|<\/span><span class=\"pln\">css<\/span><span class=\"pun\">|<\/span><span class=\"pln\">svg<\/span><span class=\"pun\">|<\/span><span class=\"pln\">webp<\/span><span class=\"pun\">|<\/span><span class=\"pln\">js<\/span><span class=\"pun\">|<\/span><span class=\"pln\">jpg<\/span><span class=\"pun\">|<\/span><span class=\"pln\">jpeg<\/span><span class=\"pun\">|<\/span><span class=\"pln\">gif<\/span><span class=\"pun\">|<\/span><span class=\"pln\">png<\/span><span class=\"pun\">|<\/span><span class=\"pln\">ico<\/span><span class=\"pun\">|<\/span><span class=\"pln\">zip<\/span><span class=\"pun\">|<\/span><span class=\"pln\">tgz<\/span><span class=\"pun\">|<\/span><span class=\"pln\">gz<\/span><span class=\"pun\">|<\/span><span class=\"pln\">rar<\/span><span class=\"pun\">|<\/span><span class=\"pln\">bz2<\/span><span class=\"pun\">|<\/span><span class=\"pln\">xls<\/span><span class=\"pun\">|<\/span><span class=\"pln\">txt<\/span><span class=\"pun\">|<\/span><span class=\"pln\">tar<\/span><span class=\"pun\">|<\/span><span class=\"pln\">bmp<\/span><span class=\"pun\">))<\/span><span class=\"pln\">$ <\/span><span class=\"pun\">{<\/span>\r\n        <span class=\"kwd\">alias<\/span> <span class=\"pun\">\/<\/span><span class=\"pln\">home<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">public_html<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">$1<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n        expires <\/span><span class=\"lit\">1y<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n        log_not_found off<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n        access_log off<\/span><span class=\"pun\">;<\/span>\r\n<span class=\"pun\">}<\/span><span class=\"pln\">\r\n\r\nlocation <\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog <\/span><span class=\"pun\">{<\/span>\r\n        <span class=\"kwd\">alias<\/span> <span class=\"pun\">\/<\/span><span class=\"pln\">home<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">public_html<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n        try_files $uri $uri<\/span><span class=\"pun\">\/<\/span> <span class=\"lit\">@blog<\/span><span class=\"pun\">;<\/span>\r\n        <span class=\"kwd\">if<\/span> <span class=\"pun\">(<\/span><span class=\"pln\">$args <\/span><span class=\"pun\">~<\/span> <span class=\"str\">\"^author=\\d\"<\/span><span class=\"pun\">)<\/span> <span class=\"pun\">{<\/span> <span class=\"kwd\">return<\/span> <span class=\"lit\">403<\/span><span class=\"pun\">;<\/span> <span class=\"pun\">}<\/span><span class=\"pln\">\r\n\r\n        location <\/span><span class=\"pun\">~<\/span><span class=\"pln\"> \\.php$ <\/span><span class=\"pun\">{<\/span><span class=\"pln\">\r\n                fastcgi_pass unix<\/span><span class=\"pun\">:<\/span><span class=\"str\">\/run\/<\/span><span class=\"pln\">php<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">php8<\/span><span class=\"pun\">.<\/span><span class=\"lit\">4<\/span><span class=\"pun\">-<\/span><span class=\"pln\">fpm<\/span><span class=\"pun\">.<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">.<\/span><span class=\"pln\">sock<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n                fastcgi_param SCRIPT_FILENAME $request_filename<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n                fastcgi_split_path_info <\/span><span class=\"pun\">^(.+<\/span><span class=\"pln\">\\.php<\/span><span class=\"pun\">)(\/.+)<\/span><span class=\"pln\">$<\/span><span class=\"pun\">;<\/span><span class=\"pln\">\r\n                include fastcgi_params<\/span><span class=\"pun\">;<\/span>\r\n        <span class=\"pun\">}<\/span>\r\n<span class=\"pun\">}<\/span><span class=\"pln\">\r\n\r\nlocation <\/span><span class=\"lit\">@blog<\/span> <span class=\"pun\">{<\/span><span class=\"pln\">\r\n        rewrite <\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/(.*)<\/span><span class=\"pln\">$ <\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">index<\/span><span class=\"pun\">.<\/span><span class=\"pln\">php<\/span><span class=\"pun\">?\/<\/span><span class=\"pln\">$1 <\/span><span class=\"kwd\">last<\/span><span class=\"pun\">;<\/span>\r\n<span class=\"pun\">}<br \/><br \/><span class=\"pln\">[...]<\/span><br \/><\/span><\/span><\/pre>\r\n<h2 class=\"\" data-start=\"1056\" data-end=\"1090\"><span class=\"ez-toc-section\" id=\"apache_sandbox_configuration\"><\/span>Apache Sandbox Configuration<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n<p class=\"\" data-start=\"1092\" data-end=\"1255\">Insert the Apache configuration <strong data-start=\"1124\" data-end=\"1180\">before any <code data-start=\"1137\" data-end=\"1150\">&lt;Directory&gt;<\/code> blocks for the main website<\/strong>, This:<\/p>\r\n<ul data-start=\"1256\" data-end=\"1408\">\r\n<li class=\"\" data-start=\"1256\" data-end=\"1304\">\r\n<p class=\"\" data-start=\"1258\" data-end=\"1304\">Maps <code data-start=\"1263\" data-end=\"1270\"><span style=\"font-size: 12pt;\">\/blog<\/span><\/code> to its own directory with <code data-start=\"1297\" data-end=\"1304\"><span style=\"font-size: 12pt;\">Alias<\/span><\/code><\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1305\" data-end=\"1355\">\r\n<p class=\"\" data-start=\"1307\" data-end=\"1355\">Uses <code data-start=\"1312\" data-end=\"1324\"><span style=\"font-size: 12pt;\">SetHandler<\/span><\/code> with a separate PHP-FPM socket<\/p>\r\n<\/li>\r\n<li class=\"\" data-start=\"1356\" data-end=\"1408\">\r\n<p class=\"\" data-start=\"1358\" data-end=\"1408\">Maintains strict control over access and overrides<\/p>\r\n<\/li>\r\n<\/ul>\r\n<div class=\"level2\">\r\n<pre class=\"prettyprint  lang-apache prettyprinted\"><span style=\"font-size: 12pt;\"><span class=\"typ\"><span class=\"pln\">[...]<\/span><br \/><br \/>Alias<\/span> <span class=\"str\">\"\/blog\"\"\/home\/blog\/public_html\"<\/span>\r\n\r\n<span class=\"pun\">&lt;<\/span><span class=\"typ\">Directory<\/span> <span class=\"pun\">\/<\/span><span class=\"pln\">home<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">blog<\/span><span class=\"pun\">\/<\/span><span class=\"pln\">public_html<\/span><span class=\"pun\">&gt;<\/span>\r\n    <span class=\"typ\">Options<\/span> <span class=\"pun\">-<\/span><span class=\"typ\">Indexes<\/span> <span class=\"pun\">+<\/span><span class=\"typ\">SymLinksIfOwnerMatch<\/span>\r\n    <span class=\"typ\">AllowOverride<\/span> <span class=\"typ\">All<\/span>\r\n    <span class=\"typ\">Require<\/span><span class=\"pln\"> all granted\r\n    \r\n    <\/span><span class=\"pun\">&lt;<\/span><span class=\"typ\">FilesMatch<\/span><span class=\"pln\"> \\.php$<\/span><span class=\"pun\">&gt;<\/span>\r\n        <span class=\"typ\">SetHandler<\/span> <span class=\"str\">\"proxy:unix:\/run\/php\/php8.4-fpm.blog.sock|fcgi:\/\/localhost\"<\/span>\r\n    <span class=\"pun\">&lt;\/<\/span><span class=\"typ\">FilesMatch<\/span><span class=\"pun\">&gt;<\/span>\r\n<span class=\"pun\">&lt;\/<\/span><span class=\"typ\">Directory<\/span><span class=\"pun\">&gt;<br \/><br \/><span class=\"pln\">[...]<\/span><br \/><\/span><\/span><\/pre>\r\n<h2 class=\"\" data-start=\"2170\" data-end=\"2187\"><span class=\"ez-toc-section\" id=\"final_thoughts\"><\/span>Final Thoughts<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n<p class=\"\" data-start=\"2189\" data-end=\"2468\">By sandboxing WordPress in a subfolder with its own user and PHP-FPM socket, you achieve a strong layer of isolation without losing SEO benefits. This approach is ideal for shared environments or when you want maximum control over what WordPress can and cannot do on your server.<\/p>\r\n<hr \/><em>About Olvy ( <a href=\"https:\/\/olvy.net\/\">www.olvy.net<\/a> ) :<\/em>\r\n<p data-start=\"2189\" data-end=\"2468\"><!-- \/wp:post-content -->\r\n\r\n<!-- wp:paragraph --><\/p>\r\n<em>Olvy is a private and independent Limited Liability Company based in Bratislava, Slovakia, in the heart of Europe. We combined our invaluable 20+ years experience to develop innovative and reliable, lightning-fast and affordable Managed Cloud Hosting services for Everyone. From a small blog to a growing eCommerce \u2013 Olvy takes care of your website 24\/7.<\/em><\/div>\r\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Running WordPress in a subfolder like https:\/\/example.com\/blog can help boost SEO, but it also introduces security concerns. WordPress and its plugins are common attack targets,&hellip;<\/p>\n","protected":false},"author":23,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[17,156],"tags":[135,86,136,84],"class_list":["post-1776","post","type-post","status-publish","format-standard","hentry","category-guides","category-wordpress","tag-apache","tag-nginx","tag-sandbox","tag-wordpress"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog<\/title>\n<meta name=\"description\" content=\"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog\" \/>\n<meta property=\"og:description\" content=\"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool\" \/>\n<meta property=\"og:url\" content=\"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/\" \/>\n<meta property=\"og:site_name\" content=\"Olvy Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/olvycloud\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-22T20:42:17+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-30T22:02:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"366\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"olvywriter\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@olvycloud\" \/>\n<meta name=\"twitter:site\" content=\"@olvycloud\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"olvywriter\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/\"},\"author\":{\"name\":\"olvywriter\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#\\\/schema\\\/person\\\/256b8cc1d90850acce9336449b2bced1\"},\"headline\":\"How to Run WordPress Securely in a Sandbox Subfolder\",\"datePublished\":\"2025-05-22T20:42:17+00:00\",\"dateModified\":\"2025-12-30T22:02:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/\"},\"wordCount\":366,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/wordpress_woocommerce_nginx_google.png\",\"keywords\":[\"apache\",\"nginx\",\"sandbox\",\"wordpress\"],\"articleSection\":[\"Hosting Guides\",\"WordPress\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/\",\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/\",\"name\":\"How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/wordpress_woocommerce_nginx_google.png\",\"datePublished\":\"2025-05-22T20:42:17+00:00\",\"dateModified\":\"2025-12-30T22:02:44+00:00\",\"description\":\"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#primaryimage\",\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/wordpress_woocommerce_nginx_google.png\",\"contentUrl\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/wordpress_woocommerce_nginx_google.png\",\"width\":700,\"height\":366,\"caption\":\"Wordpress WooCommerce Nginx\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/olvy.net\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Run WordPress Securely in a Sandbox Subfolder\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/\",\"name\":\"Olvy Blog\",\"description\":\"News, Guides, Information\",\"publisher\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/olvy.net\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#organization\",\"name\":\"Olvy s.r.o.\",\"alternateName\":\"Olvy\",\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/olvy_400x400.png\",\"contentUrl\":\"https:\\\/\\\/olvy.net\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/olvy_400x400.png\",\"width\":400,\"height\":400,\"caption\":\"Olvy s.r.o.\"},\"image\":{\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/olvycloud\\\/\",\"https:\\\/\\\/x.com\\\/olvycloud\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/olvycloud\",\"https:\\\/\\\/mastodon.social\\\/@olvy\",\"https:\\\/\\\/www.threads.net\\\/@olvycloud\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/olvy.net\\\/blog\\\/#\\\/schema\\\/person\\\/256b8cc1d90850acce9336449b2bced1\",\"name\":\"olvywriter\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g\",\"caption\":\"olvywriter\"},\"url\":\"https:\\\/\\\/olvy.net\\\/blog\\\/author\\\/olvywriter\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog","description":"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/","og_locale":"en_US","og_type":"article","og_title":"How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog","og_description":"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool","og_url":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/","og_site_name":"Olvy Blog","article_publisher":"https:\/\/www.facebook.com\/olvycloud\/","article_published_time":"2025-05-22T20:42:17+00:00","article_modified_time":"2025-12-30T22:02:44+00:00","og_image":[{"width":700,"height":366,"url":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png","type":"image\/png"}],"author":"olvywriter","twitter_card":"summary_large_image","twitter_creator":"@olvycloud","twitter_site":"@olvycloud","twitter_misc":{"Written by":"olvywriter","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#article","isPartOf":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/"},"author":{"name":"olvywriter","@id":"https:\/\/olvy.net\/blog\/#\/schema\/person\/256b8cc1d90850acce9336449b2bced1"},"headline":"How to Run WordPress Securely in a Sandbox Subfolder","datePublished":"2025-05-22T20:42:17+00:00","dateModified":"2025-12-30T22:02:44+00:00","mainEntityOfPage":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/"},"wordCount":366,"commentCount":0,"publisher":{"@id":"https:\/\/olvy.net\/blog\/#organization"},"image":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#primaryimage"},"thumbnailUrl":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png","keywords":["apache","nginx","sandbox","wordpress"],"articleSection":["Hosting Guides","WordPress"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/","url":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/","name":"How to Run WordPress Securely in a Sandbox Subfolder - Olvy Blog","isPartOf":{"@id":"https:\/\/olvy.net\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#primaryimage"},"image":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#primaryimage"},"thumbnailUrl":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png","datePublished":"2025-05-22T20:42:17+00:00","dateModified":"2025-12-30T22:02:44+00:00","description":"Securely run WordPress in a subfolder by isolating it with Nginx or Apache using a separate user and PHP-FPM pool","breadcrumb":{"@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#primaryimage","url":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png","contentUrl":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/wordpress_woocommerce_nginx_google.png","width":700,"height":366,"caption":"Wordpress WooCommerce Nginx"},{"@type":"BreadcrumbList","@id":"https:\/\/olvy.net\/blog\/how-to-run-wordpress-securely-in-a-sandbox-subfolder\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/olvy.net\/blog\/"},{"@type":"ListItem","position":2,"name":"How to Run WordPress Securely in a Sandbox Subfolder"}]},{"@type":"WebSite","@id":"https:\/\/olvy.net\/blog\/#website","url":"https:\/\/olvy.net\/blog\/","name":"Olvy Blog","description":"News, Guides, Information","publisher":{"@id":"https:\/\/olvy.net\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/olvy.net\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/olvy.net\/blog\/#organization","name":"Olvy s.r.o.","alternateName":"Olvy","url":"https:\/\/olvy.net\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/olvy.net\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/olvy_400x400.png","contentUrl":"https:\/\/olvy.net\/blog\/wp-content\/uploads\/2023\/01\/olvy_400x400.png","width":400,"height":400,"caption":"Olvy s.r.o."},"image":{"@id":"https:\/\/olvy.net\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/olvycloud\/","https:\/\/x.com\/olvycloud","https:\/\/www.linkedin.com\/company\/olvycloud","https:\/\/mastodon.social\/@olvy","https:\/\/www.threads.net\/@olvycloud"]},{"@type":"Person","@id":"https:\/\/olvy.net\/blog\/#\/schema\/person\/256b8cc1d90850acce9336449b2bced1","name":"olvywriter","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ff7e0e4a07337c1c8a0c3184bd6638752265a156749d4d61e23010abe0a6abc4?s=96&d=mm&r=g","caption":"olvywriter"},"url":"https:\/\/olvy.net\/blog\/author\/olvywriter\/"}]}},"_links":{"self":[{"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/posts\/1776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/comments?post=1776"}],"version-history":[{"count":14,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/posts\/1776\/revisions"}],"predecessor-version":[{"id":1790,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/posts\/1776\/revisions\/1790"}],"wp:attachment":[{"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/media?parent=1776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/categories?post=1776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/olvy.net\/blog\/wp-json\/wp\/v2\/tags?post=1776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}