Dedicated Isolation Architecture

The Framework's approach to multi-tenancy in WordPress is sophisticated, particularly in how it handles databases and media for each tenant. Unlike traditional setups where a single database might contain multiple sites (as seen in WordPress Multisite), The Framework assigns each tenant its own dedicated database. This strategy enhances security, scalability, and data integrity across the multi-tenant landscape.

Tenant Database Initialization

Upon determining that it's operating in a multi-tenant mode, The Framework engages a sequence of steps to ensure each tenant interacts exclusively with its designated database:

1. Tenant Identification: The Framework identifies the incoming request's associated tenant, typically through domain mapping or a path identifier.

2. Environment Configuration: For each tenant, there's a corresponding .env environment file within its configuration directory (e.g., configs/tenant/<tenant_id>/.env). This file contains environment-specific variables, including unique database credentials for the tenant.

3. Dynamic Database Connection: Before handing off to WordPress, The Framework reads the tenant's .env file and establishes a connection to the tenant's specific database. This ensures that all queries, operations, and data storage are performed within the tenant's database, completely isolated from other tenants.

Advantages of Separate Databases

This architecture offers several key benefits:

• Security: Data for each tenant is stored in a separate database, minimizing the risk of data leakage or unauthorized access between tenants.
• Customization: Tenants can have entirely customized setups, including different plugins, themes, and other configurations, without any overlap.
• Scalability: As each tenant operates independently, system resources and databases can be scaled individually based on each tenant's needs.
• Maintenance and Backups: Administrative tasks such as backups, migrations, and updates can be performed per tenant, reducing complexity and downtime.

Handling Media, Uploads, and Content Isolation

The Framework ensures that media, uploads, and content files are tenant-specific, but also supports content directory isolation, an optional feature:

1. Default Setup (isolated: false):

   • Each tenant has a dedicated uploads folder (wp-content/uploads/{tenant_id}), ensuring that media remains separate.
   • Plugins and themes remain globally managed, allowing for centralized updates and installations across all tenants.

2. Fully Isolated Setup (isolated: true):

   • Each tenant receives its own wp-content directory (/{tenant_id}/wp-content), meaning themes, plugins, and uploads are completely independent.
   • This isolation prevents any plugin or theme conflicts and allows for deep customization per tenant.
   • However, Composer updates will no longer apply globally—each site will need to install and update plugins/themes manually.

Note: Full isolation provides maximum control and security, but it should be carefully evaluated as it significantly increases maintenance effort.

Framework Handoff

Once The Framework has initialized the environment, connected to the appropriate tenant database, and determined the tenant's content directory setup, it hands over control to WordPress. At this stage, WordPress operates as it typically would but within the context of the tenant's isolated environment. All standard functionality, including theme rendering, plugin operations, and content management, operates on a per-tenant basis, using the appropriate database and file system paths.

The Framework's multi-tenant isolation architecture, particularly its approach to database management, offers a robust and flexible framework for operating multiple WordPress applications within a single installation. By ensuring each tenant has its own database and environment configurations, The Framework provides a powerful solution for developers and organizations looking to efficiently manage a portfolio of WordPress sites with maximum security, customization, and scalability.

The ability to offer both shared and fully isolated content environments is made possible by the modular framework architecture.