Now accepting Q2 projects — limited slots available. Get started →
Multisite NetworksMulti-Tenant ArchitectureZero-Downtime Cutover

WordPress Multisite Migration to Next.js

Escape the shared attack surface. Permanently.

WordPress Multisite made sense in 2012. In 2026, prefixed tables, shared vulnerabilities, and plugin conflicts across 30+ subsites aren't architecture — they're technical debt you're paying interest on every day.

Get Your Network Assessment See Our Migration Process
$1-2.5K/mo
WP Multisite Hosting
Typical managed hosting for 20-50 site networks
$45/mo
After Migration
Vercel + Supabase for same 50 sites
4-8wk
Migration Timeline
Typical WordPress Multisite to Next.js duration
95+
Lighthouse Score
Performance + accessibility target on every build
What Is WordPress Multisite Migration?

WordPress Multisite migration means pulling multiple subsites out of a single WordPress network — each with its own prefixed database tables (wp_2_posts, wp_3_options), shared user accounts, and isolated media directories — and rebuilding them as a modern multi-tenant Next.js application with isolated content, dedicated authentication, and no shared plugin vulnerabilities.

Your Current Site May Be a Liability

Common gaps we find in nearly every audit.

One plugin vulnerability on one subsite exposes all 30+ sites simultaneously
Risk: That's not a hypothetical — 96% of WordPress exploits target plugins, and your entire network shares one attack surface. All it takes is one unpatched plugin on one subsite.
Prefixed database tables (wp_2_posts, wp_3_options) turn what should be a straightforward extraction into a multi-day operation
Risk: Serialized data makes it worse — it contains hardcoded domain references, so a naive find-and-replace doesn't just miss things, it actively corrupts widget configs and option values.
The shared wp_users table with per-site capabilities (wp_2_capabilities, wp_3_capabilities) is its own headache
Risk: You can't cleanly separate user access without remapping every capability key per subsite. There's no clean path — just careful, tedious work.
Media files live in /wp-content/uploads/sites/[site-id]/ with hardcoded URLs baked into the content itself
Risk: Move or restructure any subsite and you break every image and file reference in that subsite overnight.
Domain-mapped subsites each need individual DNS changes, SSL certificates, and redirect rules
Risk: Miss one domain during migration and you've handed that subsite's indexed pages and organic traffic to a 404 page.
Then there's the plugin problem
Risk: The plugin that runs fine on your main site breaks on subsite #7 — and you can't update them independently. Network-activated plugins force every subsite onto the same version, so each update is a network-wide gamble.

How We Build This Right

Every safeguard, built in from Day 1.

Prefixed Table Extraction

We remap every wp_N_ prefixed table to clean schema structures in Supabase. Serialized data gets parsed properly — domain references rewritten without touching the serialization format itself.

Multi-Tenant Row-Level Security

Each former subsite gets its own location_id in Supabase, with RLS policies enforcing content isolation. No shared database, no cross-site data leaks. They're genuinely separate now.

Per-Site User Role Mapping

We extract per-subsite capabilities from the shared wp_users table and remap them to Supabase Auth roles. Each user ends up with the right permissions per location — a single login that actually knows where they're allowed to be.

Media URL Rewriting

Every media file from /wp-content/uploads/sites/[id]/ moves to CDN-optimized storage, and all content references get rewritten to the new paths with next/image optimization baked in.

Per-Domain Redirect Mapping

Every URL across every subsite — including domain-mapped custom domains — gets a 301 redirect to its new path. No orphaned URLs, no rankings quietly disappearing in the background.

Network-Wide Performance Audit

We benchmark each subsite's Core Web Vitals, page count, and plugin dependencies before migration starts. After launch, we verify 95+ Lighthouse scores across all locations. You get before-and-after numbers, not just a promise.

What We Build

Purpose-built features for your industry.

WP REST API Per-Subsite Export

Automated content extraction pulls from each subsite's REST endpoint with full taxonomy, custom field, and ACF data preserved. Nothing gets left behind in the move.

Next.js Multi-Tenant Routing

Dynamic /locations/[slug] routes use shared brand components with per-location content powered by Supabase queries. One codebase, genuinely separate content.

Supabase Content Schema

A normalized database schema with location_id foreign keys replaces the entire wp_N_ prefix system. It's cleaner than it sounds once it's done.

Location Management Dashboard

A custom admin interface handles content, users, and settings per location. No WordPress admin, no plugin conflicts, no wondering whether an update is going to break three subsites.

Static HTML on Global CDN

Every page pre-renders at build time and serves from edge nodes. No PHP execution. No database queries on page load. Pages just load — fast.

Google Search Console Per-Domain

GSC property setup and sitemap submission covers every former subsite domain, with indexing monitored through stabilization. We don't hand it off and disappear.

Built on a Modern, Secure Stack

Next.jsSupabaseVercelWP REST APIRow-Level SecuritySupabase Auth

Our Development Process

From discovery to launch. Quality at every step.

01

Network Audit

Week 1-2

Start by mapping every subsite: URLs, content volume, active plugins, custom post types, domain mapping configuration, and user role distribution. You need to know exactly what shared functionality exists versus what's site-specific, and you need to flag every piece of serialized data that contains domain references before anything moves.

02

Architecture Design

Week 2-3

Then design the Next.js route structure, Supabase schema with location_id and RLS policies, shared component library, and per-location content models. The redirect strategy for every domain gets defined here too — before a single line of migration code runs.

03

Content Export & Media Migration

Week 3-5

Extract content via the WP REST API per subsite. Download media from each /sites/[id]/ directory. Export users with per-site capability mapping. Validate serialized data integrity at every step.

04

Build & Import

Week 5-10

Build the Next.js multi-tenant application with Supabase Auth, RLS, and the admin dashboard. Then batch import all content, rewrite all media URLs, and map users to Supabase Auth with the correct per-location roles assigned.

05

Redirect Mapping & Launch

Week 10-12

Implement 301 redirects for every URL across all subsites and domain-mapped domains. DNS cutover per domain. GSC property updates. Monitor indexing across all former subsites for 30 days post-launch — long enough to catch anything that wants to surface late.

Social Animal

Ready to discuss your wordpress multisite migration to next.js project?

Get a free quote

Multisite Migration from $15,000

Priced by network size. 30-day post-launch monitoring included. See all packages →

Get Your Quote
Related Resources
solution
Multi-Site Website Platform
migration
WordPress to Next.js Migration
migration
WordPress Multisite to Next.js
compare
Next.js vs WordPress
blog
WordPress Multisite Is Not Multi-Site

Frequently Asked Questions

Here's what makes a Multisite migration genuinely complex: each subsite has its own prefixed database tables (wp_2_posts, wp_3_options), but everyone shares a single wp_users table with per-site capabilities baked in. Media lives in separate /sites/[id]/ directories. Serialized data holds domain-specific references scattered throughout. Extracting one subsite means remapping all prefixed tables, rewriting serialized data without corruption, migrating media paths, and handling per-domain DNS — then doing that again for every subsite in the network.
For domain-mapped subsites, we handle DNS cutover per domain, SSL certificate provisioning, and 301 redirect implementation from the old domain to its new path structure. Each custom domain gets its own Google Search Console property update and dedicated indexing monitoring. We coordinate cutover timing to minimize downtime across all domains — staggering where it makes sense, batching where it doesn't.
WordPress Multisite stores all users in one wp_users table with per-site capabilities like wp_2_capabilities and wp_3_capabilities. We extract each user's per-site roles, map them to Supabase Auth, and assign location-specific permissions using Row-Level Security. The end result: a single login with the right access level per location, without anyone seeing content they shouldn't.
We build 301 redirect maps for every URL across every subsite, including domain-mapped custom domains. Google Search Console properties get set up per domain with updated sitemaps submitted on launch day. We monitor indexing for 30 days post-launch across all former subsites to catch anything that slips through. Worth noting: the performance jump from static HTML typically helps rankings rather than hurting them.
Timeline scales with network size. A 5–10 subsite network usually takes 8–10 weeks. Networks in the 25–50 subsite range run 12–16 weeks. Enterprise networks with 50+ subsites, complex domain mapping, and custom functionality can take 16–24 weeks. The audit phase nails down an accurate timeline for your specific network — the numbers above are starting points, not guarantees.
WordPress Multisite networks are high-value targets precisely because one plugin vulnerability hits every subsite simultaneously. After migration, your sites are pre-rendered static HTML served from a CDN — no PHP runtime, no database exposed to the web, nothing for a plugin exploit to grab onto. The attack surface drops to essentially zero. No more Wordfence alerts at 2am. No more emergency patches. No more holding your breath every time a plugin update drops.
More solutions

Explore related industries

WordPress Migration London: Escape WP, Keep Your Rankings

London-based WordPress migration specialists. Notting Hill studio.

Web Development Agency London: Modern Stack, Notting Hill Studio

London web development that ships fast and ranks higher.

Next.js Agency London: Face-to-Face in Notting Hill

London-based Next.js specialists. Meet us in Notting Hill.
Need enterprise scale?

200+ employee company? Complex multi-tenant, auction, or multi-location requirement? We have a dedicated enterprise capability track.

View Enterprise Hub

Get Your Multisite Network Assessment

Tell us about your network. We'll deliver a migration plan and quote within 48 hours.

Or book a 30-minute call
Get in touch

Let's build
something together.

Whether it's a migration, a new build, or an SEO challenge — the Social Animal team would love to hear from you.

Get in touch →