Are you very much concerned about the security of your WordPress website? WordPress security is a serious affair that you should always take care of and one of the smartest ways to protect it is by changing the WordPress database prefix. The WordPress database is like a human brain to a WordPress website as it contains all of the information for your website and so its importance is self-evident. Because all the information on the website is there, it has also become an important target for hackers. By default, the WordPress database prefix is displayed as “wp_” and it is very easy to locate and target. Hackers will run some automated code to perform SQL injection attacks. Unfortunately, many people forget to modify the data table prefix when installing WordPress, which gives hackers the opportunity to attack the database through the default prefix wp_. The best way to protect the database is to prefix the data table name when installing WordPress, which is very simple.
If you are starting to make a new website, it is quite easy to change these ‘wp’ database prefixes, but on an already running website, you might have a harder time. The reason is that many items on your website will be calling files that have the “wp_” prefix. For this reason, you need to be very careful when you change the prefix. Today, I will demonstrate how to change your WordPress database prefix to Improve improve your website’s security.
Ready to work
First, back up the database of the website before following along with this tutorial and it’s very important in case any error happens. Make use of the BackupBuddy plugin for automated backup. Next, temporarily switch the site to the maintenance state.
A) Changing the default table prefix before installing WordPress
First, before the WordPress installation and it is the easiest way. When you are configuring the wp-config.php configuration file with your database credentials, just move down the file a bit until you see this:
You need to replace the “wp_” with a string of random, unique characters and you are ready to go. Just go the WordPress installation as normal and your database prefix will have been modified to something secret. Here’s an example of a strong database prefix that you can follow: wp_VzQCxSJv7uM_
B) Changing the default table prefix after installing WordPress
To change your prefix after installing the WordPress, you may follow these steps:
Modify the data table prefix in wp-config.php
Open the wp-config.php file in the root directory of the WordPress website and change the table prefix from wp_ to something else, such as wp_a123456_.
Then this line of code looks like this:
$ table_prefix = 'wp_a123456_';
Note: The table prefix can only consist of numbers, letters, and underscores.
Modify all database table names
Log in to the database (usually through phpMyAdmin), and then change the prefix of the table name to what we just defined in wp-config.php. If using a WordPress host with cPanel, a link to phpMyAdmin can be found in the cPanel.
There are 11 default tables in WordPress. It will be more troublesome to modify them one by one manually.
Therefore, in order to make them work faster and more efficiently, a SQL query statement is provided. Copy the following code into the SQL input box and click the “Execute” button.
RENAME table `wp_commentmeta` TO` wp_a123456_commentmeta`;
RENAME table `wp_comments` TO` wp_a123456_comments`;
RENAME table `wp_links` TO` wp_a123456_links`;
RENAME table `wp_options` TO` wp_a123456_options`;
RENAME table `wp_postmeta` TO` wp_a123456_postmeta`;
RENAME table `wp_posts` TO` wp_a123456_posts`;
RENAME table `wp_terms` TO` wp_a123456_terms`;
RENAME table `wp_termmeta` TO` wp_a123456_termmeta`;
RENAME table `wp_term_relationships` TO` wp_a123456_term_relationships`;
RENAME table `wp_term_taxonomy` TO` wp_a123456_term_taxonomy`;
RENAME table `wp_usermeta` TO` wp_a123456_usermeta`;
RENAME table `wp_users` TO` wp_a123456_users`;
If other plug-ins installed also create data tables in the database, then add these tables. The aim is to change the prefix of all data tables.
Options table
The options table needs to be a query to see which fields use wp_ as a prefix, and then replace them all. In order to facilitate the query, use the following query statement:
SELECT * FROM `wp_a123456_options` WHERE` option_name` LIKE '% wp_%'
You will see that many results are returned, and modify wp_ in the results one by one.
UserMeta table
Next, query the user meta table for which fields use wp_ as a prefix, and then replace it. Use the following SQL statement to query:
SELECT * FROM `wp_a123456_usermeta` WHERE` meta_key` LIKE '% wp_%'
The number of query results returned varies according to the number of plug-ins you install. Change wp_ to the new prefix one by one.
Backup & Finish
Now test the website. If the above steps are followed correctly, then the website should run well without any problems. The process of securing a WordPress website involves securing the database. The default table prefix is well-known and targeted by infamous hackers across the internet. Changing your wp prefix to something difficult for guesswork would be the easiest way to stop malicious scripts and other attacks compromising your website database.
And remember to keep recent backups whenever you play with DB. If something goes wrong with your database, just replace it with the backup.
1 Comment