Now accepting Q2 projects — limited slots available. Get started →
English Espanol Francais Deutsch 中文 한국어 日本語 Portugues 繁體中文 العربية
Enterprise Migration
Multisite NetworksMulti-Tenant ArchitectureZero-Downtime Cutover

WordPress Multisite 迁移到 Next.js

逃离共享攻击面。永久解决。

96%
WP Exploits Target Plugins
Shared across your entire network
3-5×
More Complex Than Single-Site
Prefixed tables, shared users, media paths
0
Plugins After Migration
No PHP. No attack surface.
301
Every URL Redirected
Across every subsite and domain
What Is WordPress Multisite Migration?

WordPress Multisite migration means pulling multiple subsites out of a single WordPress network — each with its own prefixed database tables (wp_2_posts, wp_3_options), shared user accounts, and isolated media directories — and rebuilding them as a modern multi-tenant Next.js application with isolated content, dedicated authentication, and no shared plugin vulnerabilities.

One plugin vulnerability on one subsite exposes all 30+ sites simultaneously That's not a hypothetical — 96% of WordPress exploits target plugins, and your entire network shares one attack surface. All it takes is one unpatched plugin on one subsite.
Prefixed database tables (wp_2_posts, wp_3_options) turn what should be a straightforward extraction into a multi-day operation Serialized data makes it worse — it contains hardcoded domain references, so a naive find-and-replace doesn't just miss things, it actively corrupts widget configs and option values.
The shared wp_users table with per-site capabilities (wp_2_capabilities, wp_3_capabilities) is its own headache You can't cleanly separate user access without remapping every capability key per subsite. There's no clean path — just careful, tedious work.
Media files live in /wp-content/uploads/sites/[site-id]/ with hardcoded URLs baked into the content itself Move or restructure any subsite and you break every image and file reference in that subsite overnight.
Domain-mapped subsites each need individual DNS changes, SSL certificates, and redirect rules Miss one domain during migration and you've handed that subsite's indexed pages and organic traffic to a 404 page.
Then there's the plugin problem The plugin that runs fine on your main site breaks on subsite #7 — and you can't update them independently. Network-activated plugins force every subsite onto the same version, so each update is a network-wide gamble.
Prefixed Table Extraction
We remap every wp_N_ prefixed table to clean schema structures in Supabase. Serialized data gets parsed properly — domain references rewritten without touching the serialization format itself.
Multi-Tenant Row-Level Security
Each former subsite gets its own location_id in Supabase, with RLS policies enforcing content isolation. No shared database, no cross-site data leaks. They're genuinely separate now.
Per-Site User Role Mapping
We extract per-subsite capabilities from the shared wp_users table and remap them to Supabase Auth roles. Each user ends up with the right permissions per location — a single login that actually knows where they're allowed to be.
Media URL Rewriting
Every media file from /wp-content/uploads/sites/[id]/ moves to CDN-optimized storage, and all content references get rewritten to the new paths with next/image optimization baked in.
Per-Domain Redirect Mapping
Every URL across every subsite — including domain-mapped custom domains — gets a 301 redirect to its new path. No orphaned URLs, no rankings quietly disappearing in the background.
Network-Wide Performance Audit
We benchmark each subsite's Core Web Vitals, page count, and plugin dependencies before migration starts. After launch, we verify 95+ Lighthouse scores across all locations. You get before-and-after numbers, not just a promise.
WP REST API Per-Subsite Export
Automated content extraction pulls from each subsite's REST endpoint with full taxonomy, custom field, and ACF data preserved. Nothing gets left behind in the move.
Next.js Multi-Tenant Routing
Dynamic /locations/[slug] routes use shared brand components with per-location content powered by Supabase queries. One codebase, genuinely separate content.
Supabase Content Schema
A normalized database schema with location_id foreign keys replaces the entire wp_N_ prefix system. It's cleaner than it sounds once it's done.
Location Management Dashboard
A custom admin interface handles content, users, and settings per location. No WordPress admin, no plugin conflicts, no wondering whether an update is going to break three subsites.
Static HTML on Global CDN
Every page pre-renders at build time and serves from edge nodes. No PHP execution. No database queries on page load. Pages just load — fast.
Google Search Console Per-Domain
GSC property setup and sitemap submission covers every former subsite domain, with indexing monitored through stabilization. We don't hand it off and disappear.
01
Network Audit
Start by mapping every subsite: URLs, content volume, active plugins, custom post types, domain mapping configuration, and user role distribution. You need to know exactly what shared functionality exists versus what's site-specific, and you need to flag every piece of serialized data that contains domain references before anything moves.
Week 1-2
02
Architecture Design
Then design the Next.js route structure, Supabase schema with location_id and RLS policies, shared component library, and per-location content models. The redirect strategy for every domain gets defined here too — before a single line of migration code runs.
Week 2-3
03
Content Export & Media Migration
Extract content via the WP REST API per subsite. Download media from each /sites/[id]/ directory. Export users with per-site capability mapping. Validate serialized data integrity at every step.
Week 3-5
04
Build & Import
Build the Next.js multi-tenant application with Supabase Auth, RLS, and the admin dashboard. Then batch import all content, rewrite all media URLs, and map users to Supabase Auth with the correct per-location roles assigned.
Week 5-10
05
Redirect Mapping & Launch
Implement 301 redirects for every URL across all subsites and domain-mapped domains. DNS cutover per domain. GSC property updates. Monitor indexing across all former subsites for 30 days post-launch — long enough to catch anything that wants to surface late.
Week 10-12
Next.jsSupabaseVercelWP REST APIRow-Level SecuritySupabase Auth

FAQ

Why is WordPress Multisite migration harder than single-site migration?

Here's what makes a Multisite migration genuinely complex: each subsite has its own prefixed database tables (wp_2_posts, wp_3_options), but everyone shares a single wp_users table with per-site capabilities baked in. Media lives in separate /sites/[id]/ directories. Serialized data holds domain-specific references scattered throughout. Extracting one subsite means remapping all prefixed tables, rewriting serialized data without corruption, migrating media paths, and handling per-domain DNS — then doing that again for every subsite in the network.

Can you migrate subsites with custom domains?

For domain-mapped subsites, we handle DNS cutover per domain, SSL certificate provisioning, and 301 redirect implementation from the old domain to its new path structure. Each custom domain gets its own Google Search Console property update and dedicated indexing monitoring. We coordinate cutover timing to minimize downtime across all domains — staggering where it makes sense, batching where it doesn't.

What happens to shared users across subsites?

WordPress Multisite stores all users in one wp_users table with per-site capabilities like wp_2_capabilities and wp_3_capabilities. We extract each user's per-site roles, map them to Supabase Auth, and assign location-specific permissions using Row-Level Security. The end result: a single login with the right access level per location, without anyone seeing content they shouldn't.

Will we lose SEO rankings during migration?

We build 301 redirect maps for every URL across every subsite, including domain-mapped custom domains. Google Search Console properties get set up per domain with updated sitemaps submitted on launch day. We monitor indexing for 30 days post-launch across all former subsites to catch anything that slips through. Worth noting: the performance jump from static HTML typically helps rankings rather than hurting them.

How long does a WordPress Multisite migration take?

Timeline scales with network size. A 5–10 subsite network usually takes 8–10 weeks. Networks in the 25–50 subsite range run 12–16 weeks. Enterprise networks with 50+ subsites, complex domain mapping, and custom functionality can take 16–24 weeks. The audit phase nails down an accurate timeline for your specific network — the numbers above are starting points, not guarantees.

What's the security improvement after migrating from WordPress Multisite?

WordPress Multisite networks are high-value targets precisely because one plugin vulnerability hits every subsite simultaneously. After migration, your sites are pre-rendered static HTML served from a CDN — no PHP runtime, no database exposed to the web, nothing for a plugin exploit to grab onto. The attack surface drops to essentially zero. No more Wordfence alerts at 2am. No more emergency patches. No more holding your breath every time a plugin update drops.

Multisite Migration from $15,000
Priced by network size. 30-day post-launch monitoring included.
See all packages →
WordPress to Next.js MigrationNext.js DevelopmentCore Web Vitals OptimizationCore Web Vitals & Jamstack Guide

Get Your Multisite Network Assessment

Tell us about your network. We'll deliver a migration plan and quote within 48 hours.

Get Your Network Assessment
Get in touch

Let's build
something together.

Whether it's a migration, a new build, or an SEO challenge — the Social Animal team would love to hear from you.

Get in touch →