Changing WordPress Database Prefix to improve security:-
The idea of changing WordPress Database prefix helps in prevent your site from sql injection because hackers use the SQL queries with the default settings in their attack. But if you have changed the prefix and database details are unique then it would get an error.
While resolving the issue that does not mean its only solution to protect your site. With only a single step you can add more security to your WordPress site.
Here on this post I am going to provide you the methods by which you can change your database prefix and add security to your website. If you have miss the options while installing WordPress , you can also cover it up through Phpmyadmin, Wp-config.php or you can also done this through Defender Plugin.
How to Change Default Database Table prefix after WordPress Installation:-
If you have already installed WordPress to your site, then you can change default prefix by following these steps.
- Before You Initiate:- Since we are making changes in wp-config.php file. Its recommend to take a full backup of your WordPress database before modifying prefix. If your site has a good amount of traffic then it would be great if you redirect your visitors to a temporary page.
- Change Default Table Prefix:- Open wpconfig.php file from your wordpress root directory. Scroll & find out $table_prefix = ‘wp_’;. Change the database prefix from ‘wp_’ to random prefix like ‘wp_a1b2c3d4’. This is to remember that you can only add letters & prefix to your database prefix.
- Rename all Database tables:- Go through your WordPress database through phpMyAdmin & rename all table prefixes to the same as you modified in wp-config.php file. There are total 12 WordPress tables by default. One of the way is to rename each table prefix manually. This would take a lot of time. So to do this quickly you can use SQL queries to rename all the WordPress database tables.
If you have plugins installed on your site then it may possible that you have some extra tables in WordPress database. If this would happen you have to rename those tables too. For minimize risks of hacking attempt, its best option to rename all the database tables from default prefix to random one.
- Modify the Options Table:-
We have to make searches for the options table for instances of old or default prefix so that we can replace them too. You can also use this SQL query for the same.
SELECT * FROM ’wp_a1b2c3d4_options’ WHERE ‘option_name’ LIKE ‘%wp_%’
The main purpose of this is to seek out any option that begin with wp_ and replace them with random prefix. Executing this SQL Command will results in wp_user_roles option in addition with other options that would be created by the plugins you have installed on your website.
After getting all the options rename them with new prefix.
- Modify the Usermeta table:- Search for usermeta table for instances of old prefix so that you can change it with new one. Here is SQL query to help you in finding the same.
SELECT *FROM ‘wp_a1b2c3d4_usermeta’ WHERE ‘meta_key’ LIKE ‘%wp_%’
This query will returns all the usermeta fields that starts with wp_prefix. Now rename all the shown prefix with the new prefix.