diff --git a/.travis.yml b/.travis.yml
index 3dc414b2..e4cbaeeb 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -10,7 +10,7 @@ install:
   - composer install
   - npm install
 script:
-  - ./vendor/bin/phpcs -p --standard=PSR2 ./src ./tests
+  - ./vendor/bin/phpcs -p --standard=PSR2 ./src ./tests --ignore=./tests/bootstrap.php
   - ./scripts/phpunit.sh
   - ./scripts/humbug.sh
   - ./scripts/build.sh
diff --git a/composer.json b/composer.json
index f37d7b58..ab7e3508 100644
--- a/composer.json
+++ b/composer.json
@@ -3,7 +3,7 @@
   "description": "User Access Manager plugin for Wordpress",
   "type": "wordpress-plugin",
   "license": "GPL-2.0",
-  "version": "2.1.11",
+  "version": "2.1.12",
   "authors": [
     {
       "name": "Alexander Schneider",
diff --git a/package.json b/package.json
index 311234e4..650ea525 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "user-access-manager",
-  "version": "2.1.11",
+  "version": "2.1.12",
   "description": "[![Build Status](https://travis-ci.org/GM-Alex/user-access-manager.svg)](https://travis-ci.org/GM-Alex/user-access-manager)",
   "main": "index.js",
   "directories": {
diff --git a/readme.txt b/readme.txt
index cdd90689..65da4555 100644
--- a/readme.txt
+++ b/readme.txt
@@ -3,8 +3,8 @@ Contributors: GM_Alex
 Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=1947052
 Tags: admin, access, member area, members, member, member access, page, pages, post, posts, private, privacy, restrict, user, user access manager, user management
 Requires at least: 4.7
-Tested up to: 4.9
-Stable tag: 2.1.11
+Tested up to: 5.0
+Stable tag: 2.1.12
 
 With the "User Access Manager"-plugin you can manage the access to your posts, pages and files.
 
@@ -59,6 +59,8 @@ Here you found the changes in each version.
 
     Version     Date        Changes
 
+    2.1.12      2019/01/08  Fix multi site file handling issue. #222
+
     2.1.11      2018/03/16  Fix missing got_mod_rewrite function. #212
                             Fix wrong media urls. #207
                             Fix wrong post counts at the admin panel.
diff --git a/src/File/ApacheFileProtection.php b/src/File/ApacheFileProtection.php
index 8cce16a0..313c2f1f 100644
--- a/src/File/ApacheFileProtection.php
+++ b/src/File/ApacheFileProtection.php
@@ -100,10 +100,11 @@ private function getFileContent($directory)
      * Creates the file content if permalinks are active.
      *
      * @param string $objectType
+     * @param bool   $isSubSite
      *
      * @return string
      */
-    private function getPermalinkFileContent($objectType)
+    private function getPermalinkFileContent($objectType, $isSubSite = false)
     {
         if ($objectType === null) {
             $objectType = ObjectHandler::ATTACHMENT_OBJECT_TYPE;
@@ -115,7 +116,10 @@ private function getPermalinkFileContent($objectType)
         $content = "RewriteEngine On\n";
         $content .= "RewriteBase {$homeRoot}\n";
         $content .= "RewriteRule ^index\\.php$ - [L]\n";
-        $content .= "RewriteCond %{REQUEST_URI} !.*\/sites\/[0-9]+\/.*\n";
+
+        if ($isSubSite === false) {
+            $content .= "RewriteCond %{REQUEST_URI} !.*\/sites\/[0-9]+\/.*\n";
+        }
 
         $directoryMatch = $this->getDirectoryMatch();
 
@@ -162,7 +166,10 @@ public function create($directory, $objectType = null)
             $content = $this->getFileContent($directory);
             $this->createPasswordFile(true, $directory);
         } else {
-            $content = $this->getPermalinkFileContent($objectType);
+            $content = $this->getPermalinkFileContent(
+                $objectType,
+                preg_match('/.*\/sites\/[0-9]+\/$/', $directory) !== 0
+            );
         }
 
         // save files
diff --git a/src/UserAccessManager.php b/src/UserAccessManager.php
index 41d2a086..97ee7dde 100644
--- a/src/UserAccessManager.php
+++ b/src/UserAccessManager.php
@@ -22,7 +22,6 @@
 use UserAccessManager\Config\ConfigParameterFactory;
 use UserAccessManager\Controller\Backend\DynamicGroupsController;
 use UserAccessManager\Controller\Backend\PostObjectController;
-use UserAccessManager\Controller\Backend\SetupController;
 use UserAccessManager\Controller\Backend\TermObjectController;
 use UserAccessManager\Controller\Backend\UserObjectController;
 use UserAccessManager\Controller\ControllerFactory;
@@ -33,6 +32,7 @@
 use UserAccessManager\Object\ObjectHandler;
 use UserAccessManager\ObjectMembership\ObjectMembershipHandlerFactory;
 use UserAccessManager\Setup\SetupHandler;
+use UserAccessManager\UserGroup\UserGroupAssignmentHandler;
 use UserAccessManager\UserGroup\UserGroupFactory;
 use UserAccessManager\User\UserHandler;
 use UserAccessManager\UserGroup\UserGroupHandler;
@@ -48,7 +48,7 @@
  */
 class UserAccessManager
 {
-    const VERSION = '2.1.11';
+    const VERSION = '2.1.12';
     const DB_VERSION = '1.6.1';
 
     /**
@@ -96,6 +96,11 @@ class UserAccessManager
      */
     private $userGroupHandler;
 
+    /**
+     * @var UserGroupAssignmentHandler
+     */
+    private $userGroupAssignmentHandler;
+
     /**
      * @var AccessHandler
      */
@@ -293,6 +298,9 @@ public function getUserHandler()
         return $this->userHandler;
     }
 
+    /**
+     * @return UserGroupHandler
+     */
     public function getUserGroupHandler()
     {
         return $this->userGroupHandler;
diff --git a/tests/Unit/Controller/Backend/ObjectControllerTestCase.php b/tests/Unit/Controller/Backend/ObjectControllerTestCase.php
index 762c21ea..13765770 100644
--- a/tests/Unit/Controller/Backend/ObjectControllerTestCase.php
+++ b/tests/Unit/Controller/Backend/ObjectControllerTestCase.php
@@ -21,7 +21,6 @@
 use UserAccessManager\Controller\Backend\UserObjectController;
 use UserAccessManager\Object\ObjectHandler;
 use UserAccessManager\Tests\Unit\UserAccessManagerTestCase;
-use UserAccessManager\UserGroup\UserGroupAssignmentException;
 use Vfs\FileSystem;
 use Vfs\Node\Directory;
 use Vfs\Node\File;
diff --git a/tests/Unit/File/ApacheFileProtectionTest.php b/tests/Unit/File/ApacheFileProtectionTest.php
index 05faa835..6b118996 100644
--- a/tests/Unit/File/ApacheFileProtectionTest.php
+++ b/tests/Unit/File/ApacheFileProtectionTest.php
@@ -163,7 +163,13 @@ public function testCreate()
          */
         $rootDir = $this->root->get('/');
         $rootDir->add('testDir', new Directory());
+        $rootDir->add('secondTestDir', new Directory([
+            'sites' => new Directory([
+                '2' => new Directory()
+            ])
+        ]));
         $testDir = 'vfs://testDir';
+        $secondTestDir = 'vfs://secondTestDir/sites/2/';
 
         $apacheFileProtection = new ApacheFileProtection(
             $this->getPhp(),
@@ -173,8 +179,8 @@ public function testCreate()
             $this->getUtil()
         );
 
-        $file = 'vfs://testDir/'.ApacheFileProtection::FILE_NAME;
-        $passwordFile = 'vfs://testDir/'.ApacheFileProtection::PASSWORD_FILE_NAME;
+        $file = $testDir.'/'.ApacheFileProtection::FILE_NAME;
+        $passwordFile = $testDir.'/'.ApacheFileProtection::PASSWORD_FILE_NAME;
 
         self::assertTrue($apacheFileProtection->create($testDir));
         self::assertTrue(file_exists($file));
@@ -240,19 +246,20 @@ public function testCreate()
             file_get_contents($file)
         );
 
-        self::assertTrue($apacheFileProtection->create($testDir, 'objectType'));
+        $secondFile = $secondTestDir.'/'.ApacheFileProtection::FILE_NAME;
+
+        self::assertTrue($apacheFileProtection->create($secondTestDir, 'objectType'));
         self::assertEquals(
             "<IfModule mod_rewrite.c>\n"
             ."RewriteEngine On\n"
             ."RewriteBase /path/\n"
             ."RewriteRule ^index\.php$ - [L]\n"
-            ."RewriteCond %{REQUEST_URI} !.*\/sites\/[0-9]+\/.*\n"
             ."RewriteRule ^([^?]*)$ /path/index.php?uamfiletype=objectType&uamgetfile=$1 [QSA,L]\n"
             ."RewriteRule ^(.*)\\?(((?!uamfiletype).)*)$ "
             ."/path/index.php?uamfiletype=objectType&uamgetfile=$1&$2 [QSA,L]\n"
             ."RewriteRule ^(.*)\\?(.*)$ /path/index.php?uamgetfile=$1&$2 [QSA,L]\n"
             ."</IfModule>\n",
-            file_get_contents($file)
+            file_get_contents($secondFile)
         );
 
         self::assertFalse($apacheFileProtection->create('invalid', 'invalid'));
diff --git a/tests/Unit/UserAccessManagerTest.php b/tests/Unit/UserAccessManagerTest.php
index 4a045ebc..e6abf47c 100644
--- a/tests/Unit/UserAccessManagerTest.php
+++ b/tests/Unit/UserAccessManagerTest.php
@@ -18,7 +18,6 @@
 use UserAccessManager\Controller\Backend\DynamicGroupsController;
 use UserAccessManager\Controller\Backend\ObjectController;
 use UserAccessManager\Controller\Backend\PostObjectController;
-use UserAccessManager\Controller\Backend\SetupController;
 use UserAccessManager\Controller\Backend\TermObjectController;
 use UserAccessManager\Controller\Backend\UserObjectController;
 use UserAccessManager\Controller\Frontend\FrontendController;
diff --git a/tests/bootstrap.php b/tests/bootstrap.php
index 15cc8f4b..aab48cdd 100644
--- a/tests/bootstrap.php
+++ b/tests/bootstrap.php
@@ -1,4 +1,8 @@
 <?php
+if (!defined('PHPUNIT_COMPOSER_INSTALL')) {
+    define('PHPUNIT_COMPOSER_INSTALL', __DIR__ . '/../vendor/autoload.php');
+}
+
 require_once __DIR__.'/defines.php';
 require_once __DIR__.'/../vendor/autoload.php';
 require_once __DIR__.'/../includes/language.php';
diff --git a/user-access-manager.php b/user-access-manager.php
index 141ac94e..8d200cb2 100644
--- a/user-access-manager.php
+++ b/user-access-manager.php
@@ -3,7 +3,7 @@
  * Plugin Name: User Access Manager
  * Plugin URI: https://wordpress.org/plugins/user-access-manager/
  * Author URI: https://twitter.com/GM_Alex
- * Version: 2.1.11
+ * Version: 2.1.12
  * Author: Alexander Schneider
  * Description: Manage the access to your posts, pages, categories and files.
  * Text Domain: user-access-manager