How to change WordPress database prefix for better Security

0
change-wordpress-database-prefix

Database is the most important part of your website, all the posts, pages, links, comments all gets stored in it, database is so important that it have an effect on SEO too. As WordPress users you should optimize your database periodically to make your website fast and SEO friendly. This plays a vital role in WordPress maintenance.

Have you ever thought that the database of your WordPress website can be vulnerable to hackers by the WordPress default way of setting database prefix. There are ways by which you can enhance security of your website, but for database one important thing id changing WordPress database prefix.

Yes this is an issue with WordPress.

This is not a mistake from WordPress end, they have to specify a prefix to the database of their WordPress CMS. All the data of the website is stored in the database of the website, and what can be better prefix then WP_ for the database of WordPress website.

Some times this can lead to a security thereat to your website, hackers out there can perform SQL injections to get control over your website. They can run a script to create a user with administrator rights in your WordPress database, after gaining access they can do whatever they like with your website. They can even lock you out or delete your account to do what ever they want.

All this is targeted mainly by the database and in WordPress the default prefix wp_ helps them in SQL injection. It’s really easy to find that you are using WordPress and theme you are using, after that the hackers knows that by default wp_ is the prefix an they can run a script to target your database.

To be on the safe side if you have a prefix like wp_ghj_ then it will be hard for them as the script won’t be able to find the default prefix.

How to change WordPress database prefix for improved Security

To change the database prefix of the WordPress website you have to follow the steps below. But before we start you should make sure to backup your website.

This is important in case something goes wrong, it will help you get your website back in place and running like before. In fact we recommend you to take a backup before going for any change on your website core structure.

We are going to do it step by step so that you can do it easily without any problem

Changes to wp-config.php

In order to do this, first you have to do is login to your hosting account, for the first step we are going to make changes to the wp-config.php file in the root directory. For this step you can use a ftp client too.

You have to open this file and edit the table prefix line from wp_ to wp_ghj _ this will help the WordPress CMS to detect the database with the new prefix.

[code]$table_prefix = ‘wp_ghj_’;[/code]

After making the edits you have to save the changes to the file and if you are using ftp client then you have to upload the file to the server.

This will tell the WorPress CMS about which the table should be associated with which part.

Note: you can only us the alphabets numbers and underscore in the prefix, no special character is allowed.

Changes to databbase

Now you have to go to PhpMyAdmin in your hosting account, if your hosting have cPanel for website development then you should look under the database window, there you will find the icon with PhpMyAdmin as title.

phpmyadmin

When you click this icon then a new window will open where you you will see many options with wp_as a prefix to cahge it one by one can be time consuming so you have to sql query.

sql-phpmyadmin-database-wordpress

Now to change the prefix you have to run these below queries in SQL.

[code] RENAME table `wp_commentmeta` TO `wp_ghj_commentmeta`;
RENAME table `wp_comments` TO `wp_ghj_comments`;
RENAME table `wp_links` TO `wp_ghj_links`;
RENAME table `wp_options` TO `wp_ghj_options`;
RENAME table `wp_postmeta` TO `wp_ghj_postmeta`;
RENAME table `wp_posts` TO `wp_ghj_posts`;
RENAME table `wp_terms` TO `wp_ghj_terms`;
RENAME table `wp_term_relationships` TO `wp_ghj_term_relationships`;
RENAME table `wp_term_taxonomy` TO `wp_ghj_term_taxonomy`;
RENAME table `wp_usermeta` TO `wp_ghj_usermeta`;
RENAME table `wp_users` TO `wp_ghj_users`; [/code]

You have to change the line for tables of the plugins you have installed on your WordPress websites. You can take the above strings as example to add the strings.

This step will perform the main changes to the WordPress database prefix to change.

Editing Option tables

Now you have to search option table for any wp_prefix and the ones you find have to be replaced too. You can use the below query to get the job done.

[code]SELECT * FROM `wp_ghj_options` WHERE `option_name` LIKE ‘%wp_%'[/code]

This will return all the entries that need to be changed and you have to do it one by one.

This step will remove the wp_ prefix from the option tables

Editing usermeta

Now you have to search usermeta for the field that have wp_ prefix, For this you can use the sql query below.

[code]SELECT * FROM `wp_ghj_usermeta` WHERE `meta_key` LIKE ‘%wp_%'[/code]

Now you will get the fields with wp_ prefix in them, now again you have to change it one by one. This will return the results form all the scripts, plugins, etc. You will have to change all the strings with wp_ prefix.

Summing it up

Congratulations you have successfully changed the WordPress database prefix. You must note that you should choose your own unique prefix that can make your database secure. And keep in mind that there will be more tables as plugins adds tables to your WordPress database.

Further read:

Leave a Reply

Your email address will not be published. Required fields are marked *