WordPress in a Subdirectory without the Security Risk
If you have an existing website and are looking to add a WordPress blog you will need to decide where you are going locate the installation.
The choice of using a subdomain or subdirectory depends on many factors. Usually the subdirectory is first choice from an SEO perspective but developers are often concerned about the security risks of hosting WordPress on the same server as the main site.
It is understandable that your developer will want to protect the site from potential vulnerabilities so he may suggest (or even try to insist) that the blog is installed on a subdomain as this can easily be hosted on a separate server.
If you feel this is a less than satisfactory arrangement as it compromises the SEO benefits of your blog then you may be pleased to learn that you can in fact host the contents of a subdirectory on a different server to your main content.
For Apache hosting this is fairly straight forward using mod proxy.
For IIS servers it’s more complicated (isn’t it always?). Try using ISAPI_Rewrite 3 and the RewriteProxy directive.
So there you have it. A solution that keeps both devs and SEOs happy!
If you know of any alternative ways to host WordPress in a subdirectory whilst minimising risk please share it by commenting on this post.