CloudStick is a server control panel for developers and agencies that lets you manage cloud servers on AWS, DigitalOcean, Vultr, Linode, and Hetzner without using the command line. Plans start at $9/month — the Basic plan covers 1 server with unlimited websites; Pro at $19/month and Business at $49/month cover unlimited servers.

Will features I pay for ever get moved to a higher plan?

No. CloudStick is committed to keeping all features you currently pay for within your existing plan. New features may be added to higher tiers, but existing plan features will never be removed or require a forced upgrade.

What happens to my servers if I cancel CloudStick?

Your servers remain fully operational after cancellation. CloudStick does not host your servers — it manages them. If you cancel, you lose access to the CloudStick dashboard, but your servers continue running on your cloud provider.

Is there a free trial for CloudStick?

Yes. CloudStick offers a 7-day free trial on all paid plans with no credit card required. You can explore every feature and upgrade, downgrade, or cancel at any time during or after the trial.

WORDPRESS

Jun 23, 2026

How to Host Multiple WordPress Sites on One Server

9 min read

CloudStick Team

Security Specialist

Share this article

How to Host Multiple WordPress Sites on One Server

Multiple sites, one server

The Right Architecture for Multiple WordPress Sites

Hosting multiple WordPress sites on one VPS is straightforward — it's how cPanel-based shared hosting has worked for 20 years. The modern approach without cPanel uses Nginx virtual hosts for routing, separate PHP-FPM pools per site for isolation, and separate MySQL databases per site for security. Each site is fully isolated: a security breach on one site doesn't compromise the others.

CloudStick manages this architecture automatically — every website you add to a server gets its own Nginx virtual host, PHP-FPM pool, and database. The guide below shows the manual implementation so you understand what CloudStick is doing under the hood.

PREREQUISITE

Ubuntu 24.04 with Nginx, PHP 8.3-FPM, and MySQL installed. A 2GB VPS comfortably hosts 5–15 small-to-medium WordPress sites. Plan ~120–150MB RAM per site (PHP-FPM workers + MySQL buffer pool share). DNS for both domains must point at the server IP before running Certbot.

Creating Nginx Virtual Hosts

Each WordPress site needs its own Nginx server block file. The server_name directive tells Nginx which domain routes to which document root:

# /etc/nginx/sites-available/site1.com
server {
    listen 80;
    server_name site1.com www.site1.com;
    root /var/www/site1.com;
    index index.php;
    location / { try_files $uri $uri/ /index.php?$args; }
    location ~ \.php$ {
        fastcgi_pass unix:/run/php/site1.sock;  # unique socket
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

Create a separate file for each site, then enable all of them:

sudo ln -s /etc/nginx/sites-available/site1.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/site2.com /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx

Isolated PHP-FPM Pools Per Site

Running all sites through the default www PHP-FPM pool creates a security and stability risk: if one site exhausts all PHP workers, all other sites go down simultaneously. Create a separate pool for each site in /etc/php/8.3/fpm/pool.d/site1.conf:

[site1]
user = site1user
group = site1user
listen = /run/php/site1.sock
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 8
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

Each pool runs as a separate Linux user (site1user, site2user), preventing one site's PHP process from reading another site's files. This is the same isolation model that CloudStick uses — each website gets a dedicated system user, PHP pool, and Unix socket.

Per-Site MySQL Databases

Create separate MySQL databases and users for each WordPress installation. If one site is compromised at the PHP level, the attacker can only access that site's database — not all others on the server:

# Site 1
sudo mysql -e "CREATE DATABASE site1_db CHARACTER SET utf8mb4;"
sudo mysql -e "CREATE USER 'site1_user'@'localhost' IDENTIFIED BY 'pass1';"
sudo mysql -e "GRANT ALL ON site1_db.* TO 'site1_user'@'localhost';"
# Site 2
sudo mysql -e "CREATE DATABASE site2_db CHARACTER SET utf8mb4;"
sudo mysql -e "CREATE USER 'site2_user'@'localhost' IDENTIFIED BY 'pass2';"
sudo mysql -e "GRANT ALL ON site2_db.* TO 'site2_user'@'localhost';"

File Permissions for Multi-Site Security

Each site's document root should be owned by its dedicated user, with Nginx able to read (but not write) the files. WordPress needs write access only to wp-content/:

sudo useradd -r -s /bin/false site1user
sudo chown -R site1user:site1user /var/www/site1.com
sudo find /var/www/site1.com -type f -exec chmod 644 {} \;
sudo find /var/www/site1.com -type d -exec chmod 755 {} \;
# Allow WordPress to upload files
sudo chown -R www-data:site1user /var/www/site1.com/wp-content/uploads
sudo chmod -R 775 /var/www/site1.com/wp-content/uploads

Managing Multiple Sites Through CloudStick

CloudStick was built specifically for multi-site server management. Every website you create in CloudStick automatically gets the full isolated architecture described in this guide — dedicated Nginx virtual host, isolated PHP-FPM pool with its own Unix socket, separate MySQL database and user, correct file permissions with a dedicated system user. The manual setup in this guide takes 20–30 minutes per site. CloudStick does it in under 60 seconds.

For agencies hosting 10–50 client sites on a single server, CloudStick adds team access controls per site, individual SSL management per domain, per-site backup scheduling, and a site cloning feature for quickly deploying new client sites from a template. The $9/month server plan covers unlimited sites — unlike cPanel's per-account billing model, adding your 50th site to CloudStick costs the same as adding the first.