Sharing Login Cookies Among WordPress Installs

I wanted to have two separate WordPress installs and have both utilize the same user database. I also wanted both sites to share the same login cookies so that they wouldn’t have to login to each site.

I found many examples of sharing the users, but the examples for sharing the cookies/user sessions were not working for me. Most of these examples were a few years old, and were missing a key step which was likely added by WordPress security enhancements (At the time of this post I’m running WordPress 4.7.2).

Be aware that you must edit each install’s wp-config.php file, so please make a backup of each before modifying it! In this example, site A is a top level domain (example.com), and site B is a subdomain (portal.example.com). In this example site B points to site A’s user tables.

Requirements:

  1. Site A’s & Site B’s user tables must be in the same database.
  2. Site A & Site B must share the same top level domain (Subdomains are fine).

Site A’s wp-config.php (example.com):

Insert the following code near the bottom of site A’s wp-config.php file, right before “/* That’s all, stop editing! Happy blogging. */” insert the following:

Replace the cookie domain string and the cookie hash string with your top level domain. Doing this will allow the cookies to be used in all subdomains/subdirectories. This is the only change to site A’s config.

Site B’s wp-config.php (portal.example.com):

Copy this information from site A to site B (I replaced the strings that were shown in mine with 0s):

This was the missing step! If the two wp-config.php files have different values, then the users will need to log in twice… And it actually clears the cookie of the first site you logged into. I haven’t made changes line by line, so I’m not sure if there is one line in particular that would do the trick. It might rely on one value being shared, a few, or all of them. I’m not sure.

Again, near the the bottom of site B’s wp-config.php file, right before “/* That’s all, stop editing! Happy blogging. */” insert the following code:

Notice that in addition to the cookie, we defined a custom user and user meta table. I won’t go into the details of that here as there are other blogs which you can reference.

Summary

  1. Site A & Site B must share the same cookie settings.
  2. Site A & Site B must share the same salts and keys settings.
  3. One of the sites must point to the other’s user/usermeta database.

I hope that this helps!

Posted in

2 Comments

  1. orlandomacandie on October 27, 2018 at 8:41 pm

    Hello there! I know this is kind of off topic but I was wondering if you knew where I could get a captcha plugin for my comment form? I’m using the same blog platform as yours and I’m having trouble finding one? Thanks a lot!

Leave a Comment