Share Login Cookies between WordPress Subdomains

I wrote a post early last month that walked you through how to share login cookies between two WordPress installations. In this post I’m going to take it a step further and break down the code to make sure it can be easily understood and used. The first WordPress install is actually exactly identical, so lets take a look at the wp-config.php file from the initial install as we’ll need some information from here to start the next step.

<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, and ABSPATH. You can find more information by visiting
 * {@link http://codex.wordpress.org/Editing_wp-config.php Editing wp-config.php}
 * Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name');

/** MySQL database username */
define('DB_USER', 'database_username');

/** MySQL database password */
define('DB_PASSWORD', 'database_password');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'XTq(A$}i4EvpOc!+}(nG;Yh0&-]IN-py+5d)+C?PqZ(ivgSZC_Z?[KJ)4c}Y$Y^#');
define('SECURE_AUTH_KEY',  'G<?e~n-jsE({2f6:V$(C7)4Ey2XBiC=LEs^^{tor=,KCI4bUxfH#ta(,9B5B/ue%');
define('LOGGED_IN_KEY',    '4ovK<g*e/;:-:SR^-d77)g1xOtatxI*DpV_I|zW<hl[uy%&~.b<lET7FJu[GD[9h');
define('NONCE_KEY',        '#=f}Tu.G,ktS- _//85)q~Qe(+&u+5rI[:Vem4#[`3UiKROZl<FzC>DmzLgZpS$/');
define('AUTH_SALT',        'V-E4_,r^rW|.>w43[T@^iGe]i&!dIIisu+KYRQ^E^BF+n5Z#N.)-:{@H?hT$Wv~5');
define('SECURE_AUTH_SALT', 'p>]:Mu#<cjOol6Q.N=]Sm[#/jc|dgri4++[`2c416|k|HzKZY&^cr|u0g31)&-g-');
define('LOGGED_IN_SALT',   '+RHv+pinC&[&HiA6aF+=P@w#}+ mOH;_!~,f-+R_D2M.!Gc>$7@&81|}IpWY}y&|');
define('NONCE_SALT',       '|g%(N{gm2vABg(t47P}^$s-<s[<*OMfz%JmSkb5N=;oC|@cfK?G$VtZ`I8?|=T~c');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 */
define('WP_DEBUG', false);

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
  define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

This is a copy of the default wp-config.php file that you may have as your current WordPress installation. The bits of this that we’re going to use for our second installation will be:

  • define(‘DB_NAME’, ‘database_name’);
  • define(‘DB_USER’, ‘database_username’);
  • define(‘DB_PASSWORD’, ‘database_password’);
  • define(‘DB_HOST’, ‘localhost’);
  • $table_prefix = ‘wp_’;

For step two we’ll just make an identical copy of the same wp_config.php file as if you’re hosting it on the same server that your other WordPress site is hosted on, then there is only one thing that needs to change so we can start step 3… the $table_prefix = ‘wp_’; variable. If you’re not hosting on the same server or using a remote database, then you’ll need to set the DB_HOST to the correct setting otherwise when you try to proceed with this installation your WordPress will not be able to connect to the database and your installation will not succeed. You will change the table_prefix to anything other than what’s listed there. If you are only going to have two installs, it’s easy to know which site uses which prefix so you can just use something like

$table_prefix = 'wp2_';

for sites that may be preparing to build many sites then I’d recommend something that will identify your wordpress tables.

$table_prefix = 'subdomain_name_';

From there run through your normal installation. So far this is pretty straight forward and there haven’t been any errors that have popped up. If there are, feel free to contact us and we can help sort out any database troubles you’ve run into. Now that you have two functioning WordPress installs, we’re going to modify the wp-config.php file once more. In both wp-config.php files, one from your initial install and one from your second install, you will add the following line

define('COOKIEHASH', md5('random_string')); /*replace 'random_string' with a 22 character string of numbers, letters, and symbols*/

This line can be added after the define(‘WP_DEBUG’, true); line, before the /* That’s all, stop editing! Happy blogging. */ comment. In your second install, the one where you changed the $table_prefix variable, you’ll also add the following lines. Pay special attention to which wp-config.php file you’re editing for this step. In your initial wp-config.php file:

define('COOKIEPATH', '/');
define('SITECOOKIEPATH','/');

In your second installation (and third, fourth, fifth, etc…) wp-config.php file:

define(CUSTOM_USER_TABLE, 'wp_users');
define(CUSTOM_USER_META_TABLE, 'wp_usermeta');
define('COOKIEPATH','domain.com/'); // Replace with your initial domain name
define('SITECOOKIEPATH','domain.com/'); // Replace with your initial domain name

You may have noticed the comments after the last two line… You will need to replace these with the correct root domain. For example, if you are using domain.com and sub.domain.com then on the sub.domain.com‘s wp-config.php file you’ll place ‘domain.com/‘ where specified. You will also need to correct the ‘wp_users’ and ‘wp_usermeta’ prefixes if you used something other than the default ‘wp_’ database prefix on your initial installation. Now you have two WordPress installations for subdomains sharing the same users table AND their associated login cookies. Here are the completed wp-config.php files. Initial Install:

<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, and ABSPATH. You can find more information by visiting
 * {@link http://codex.wordpress.org/Editing_wp-config.php Editing wp-config.php}
 * Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name');

/** MySQL database username */
define('DB_USER', 'database_username');

/** MySQL database password */
define('DB_PASSWORD', 'database_password');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'XTq(A$}i4EvpOc!+}(nG;Yh0&-]IN-py+5d)+C?PqZ(ivgSZC_Z?[KJ)4c}Y$Y^#');
define('SECURE_AUTH_KEY',  'G<?e~n-jsE({2f6:V$(C7)4Ey2XBiC=LEs^^{tor=,KCI4bUxfH#ta(,9B5B/ue%');
define('LOGGED_IN_KEY',    '4ovK<g*e/;:-:SR^-d77)g1xOtatxI*DpV_I|zW<hl[uy%&~.b<lET7FJu[GD[9h');
define('NONCE_KEY',        '#=f}Tu.G,ktS- _//85)q~Qe(+&u+5rI[:Vem4#[`3UiKROZl<FzC>DmzLgZpS$/');
define('AUTH_SALT',        'V-E4_,r^rW|.>w43[T@^iGe]i&!dIIisu+KYRQ^E^BF+n5Z#N.)-:{@H?hT$Wv~5');
define('SECURE_AUTH_SALT', 'p>]:Mu#<cjOol6Q.N=]Sm[#/jc|dgri4++[`2c416|k|HzKZY&^cr|u0g31)&-g-');
define('LOGGED_IN_SALT',   '+RHv+pinC&[&HiA6aF+=P@w#}+ mOH;_!~,f-+R_D2M.!Gc>$7@&81|}IpWY}y&|');
define('NONCE_SALT',       '|g%(N{gm2vABg(t47P}^$s-<s[<*OMfz%JmSkb5N=;oC|@cfK?G$VtZ`I8?|=T~c');
define('SECRET_SALT',      '1x?,z6/El.2!ZQXYoCJup>_c`g6^`-E)Jpk~KSa7O90A5VPb E|p8Dx}Ee$F*9,!');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 */
define('WP_DEBUG', true);
define('COOKIEPATH', '/');
define('SITECOOKIEPATH','/');
define('COOKIEHASH', md5('1234567890123456789'));

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
  define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

Second Installation for subdomain:

<?php
/**
 * The base configurations of the WordPress.
 *
 * This file has the following configurations: MySQL settings, Table Prefix,
 * Secret Keys, and ABSPATH. You can find more information by visiting
 * {@link http://codex.wordpress.org/Editing_wp-config.php Editing wp-config.php}
 * Codex page. You can get the MySQL settings from your web host.
 *
 * This file is used by the wp-config.php creation script during the
 * installation. You don't have to use the web site, you can just copy this file
 * to "wp-config.php" and fill in the values.
 *
 * @package WordPress
 */

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name');

/** MySQL database username */
define('DB_USER', 'database_username');

/** MySQL database password */
define('DB_PASSWORD', 'database_password');

/** MySQL hostname */
define('DB_HOST', 'localhost');

/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');

/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'XTq(A$}i4EvpOc!+}(nG;Yh0&-]IN-py+5d)+C?PqZ(ivgSZC_Z?[KJ)4c}Y$Y^#');
define('SECURE_AUTH_KEY',  'G<?e~n-jsE({2f6:V$(C7)4Ey2XBiC=LEs^^{tor=,KCI4bUxfH#ta(,9B5B/ue%');
define('LOGGED_IN_KEY',    '4ovK<g*e/;:-:SR^-d77)g1xOtatxI*DpV_I|zW<hl[uy%&~.b<lET7FJu[GD[9h');
define('NONCE_KEY',        '#=f}Tu.G,ktS- _//85)q~Qe(+&u+5rI[:Vem4#[`3UiKROZl<FzC>DmzLgZpS$/');
define('AUTH_SALT',        'V-E4_,r^rW|.>w43[T@^iGe]i&!dIIisu+KYRQ^E^BF+n5Z#N.)-:{@H?hT$Wv~5');
define('SECURE_AUTH_SALT', 'p>]:Mu#<cjOol6Q.N=]Sm[#/jc|dgri4++[`2c416|k|HzKZY&^cr|u0g31)&-g-');
define('LOGGED_IN_SALT',   '+RHv+pinC&[&HiA6aF+=P@w#}+ mOH;_!~,f-+R_D2M.!Gc>$7@&81|}IpWY}y&|');
define('NONCE_SALT',       '|g%(N{gm2vABg(t47P}^$s-<s[<*OMfz%JmSkb5N=;oC|@cfK?G$VtZ`I8?|=T~c');
define('SECRET_SALT',      '1x?,z6/El.2!ZQXYoCJup>_c`g6^`-E)Jpk~KSa7O90A5VPb E|p8Dx}Ee$F*9,!');

/**#@-*/

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp2_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 */
define('WP_DEBUG', false);
define(CUSTOM_USER_TABLE, 'wp_users');
define(CUSTOM_USER_META_TABLE, 'wp_usermeta');
define('COOKIEPATH','domain.com/');
define('SITECOOKIEPATH','domain.com/');
define('COOKIEHASH', md5('1234567890123456789'));

/* That's all, stop editing! Happy blogging. */

/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
  define('ABSPATH', dirname(__FILE__) . '/');

/** Sets up WordPress vars and included files. */
require_once(ABSPATH . 'wp-settings.php');

This set up is great if you want to have multiple websites that have the same users table. It can also be used to subdirectory installs if your web hosting company isn’t awesome. If you like this post, please share it or sign up for a hosting account.

1 comment

  • I don’t get this part

    For example if you are using greentiehosting.com and sub.greentiehosting.com then on the sub.greentiehosting.com‘s wp-config.php file you’ll place ‘stoute.co/‘ where specified.

    ??

Leave your comment

Table of contents

Submit your RFP

We can't wait to read about your project. Use the form below to submit your RFP!

Gabrielle Buff
Gabrielle Buff

Just left us a 5 star review

Great customer service and was able to walk us through the various options available to us in a way that made sense. Would definitely recommend!

Stoute Web Solutions has been a valuable resource for our business. Their attention to detail, expertise, and willingness to help at a moment's notice make them an essential support system for us.

Paul and the team are very professional, courteous, and efficient. They always respond immediately even to my minute concerns. Also, their SEO consultation is superb. These are good people!

Paul Stoute & his team are top notch! You will not find a more honest, hard working group whose focus is the success of your business. If you’re ready to work with the best to create the best for your business, go Stoute Web Solutions; you’ll definitely be glad you did!

Wonderful people that understand our needs and make it happen!

Paul is the absolute best! Always there with solutions in high pressure situations. A steady hand; always there when needed; I would recommend Paul to anyone!

facebook
Vince Fogliani
recommends

The team over at Stoute web solutions set my business up with a fantastic new website, could not be happier

facebook
Steve Sacre
recommends

If You are looking for Website design & creativity look no further. Paul & his team are the epitome of excellence.Don't take my word just refer to my website "stevestours.net"that Stoute Web Solutions created.This should convince anyone that You have finally found Your perfect fit

facebook
Jamie Hill
recommends

Paul and the team at Stoute Web are amazing. They are super fast to answer questions. Super easy to work with, and knows their stuff. 10,000 stars.

Paul and the team from Stoute Web solutions are awesome to work with. They're super intuitive on what best suits your needs and the end product is even better. We will be using them exclusively for our web design and hosting.

facebook
Dean Eardley
recommends

Beautifully functional websites from professional, knowledgeable team.

Along with hosting most of my url's Paul's business has helped me with website development, graphic design and even a really cool back end database app! I highly recommend him as your 360 solution to making your business more visible in today's social media driven marketplace.

I hate dealing with domain/site hosts. After terrible service for over a decade from Dreamhost, I was desperate to find a new one. I was lucky enough to win...

Paul Stoute has been extremely helpful in helping me choose the best package to suite my needs. Any time I had a technical issue he was there to help me through it. Superb customer service at a great value. I would recommend his services to anyone that wants a hassle free and quality experience for their website needs.

Paul is the BEST! I am a current customer and happy to say he has never let me down. Always responds quickly and if he cant fix the issue right away, if available, he provides you a temporary work around while researching the correct fix! Thanks for being an honest and great company!!

Paul Stoute is absolutely wonderful. Paul always responds to my calls and emails right away. He is truly the backbone of my business. From my fantastic website to popping right up on Google when people search for me and designing my business cards, Paul has been there every step of the way. I would recommend this company to anyone.

I can't say enough great things about Green Tie Hosting. Paul was wonderful in helping me get my website up and running quickly. I have stayed with Green...