WordPress Made Easy

How to Change the WordPress Database Prefix to Improve Security

Because every piece of information on your WordPress site is stored in the database, it’s a hacker’s favorite target (WordPress Database Prefix to Improve Security). Automated SQL injection codes are used by spammers and hackers. Unfortunately, when installing WordPress, many people forget to change the database prefix. By targeting the default prefix wp_, hackers can plan a mass attack more easily. The smartest way to protect your database is to change the database prefix, which is extremely simple to do on a new site. However, changing the WordPress database prefix properly for your existing site without completely messing it up requires a few steps.

Change the WordPress Database Prefix to Improve Security

Preparation

Before you do anything else in this tutorial, we recommend that you back up your WordPress database. Daily backups of your site are essential, and we recommend using the BackupBuddy plugin to do so. The next step is to send your visitors to a maintenance page that is only temporary.

In wp-config.php, change the table prefix.

Open the wp-config.php file in the root directory of your WordPress installation. Change the wp_ table prefix to something else, like this. wp a123456_

As a result, the line would be as follows:

1
$table_prefix  = 'wp_a123456_';

It’s important to note that you can only change it to numbers, letters, and underscores.

Change the names of all database tables

You’ll need to connect to your database (probably with phpMyAdmin) and change the table names to the ones we specified in the wp-config.php file. If you’re using cPanel for WordPress hosting, the phpMyAdmin link can be found in your cPanel. Take a look at the illustration below:

phpMyAdmin

There are 11 default WordPress tables, so manually changing them would be a pain.

1
2
3
4
5
6
7
8
9
10
11
12
RENAME table `wp_commentmeta` TO `wp_a123456_commentmeta`;
RENAME table `wp_comments` TO `wp_a123456_comments`;
RENAME table `wp_links` TO `wp_a123456_links`;
RENAME table `wp_options` TO `wp_a123456_options`;
RENAME table `wp_postmeta` TO `wp_a123456_postmeta`;
RENAME table `wp_posts` TO `wp_a123456_posts`;
RENAME table `wp_terms` TO `wp_a123456_terms`;
RENAME table `wp_termmeta` TO `wp_a123456_termmeta`;
RENAME table `wp_term_relationships` TO `wp_a123456_term_relationships`;
RENAME table `wp_term_taxonomy` TO `wp_a123456_term_taxonomy`;
RENAME table `wp_usermeta` TO `wp_a123456_usermeta`;
RENAME table `wp_users` TO `wp_a123456_users`;

Query in SQL

The Table of Options

You may have to add lines for other plugins that may add their own tables in the WordPress database. The idea is that you change all tables prefix to the one that you want.

The Options Table

We’ll need to look through the options table for any other fields that use the wp_ prefix and replace them. Use the following query to speed up the process:

1
SELECT * FROM `wp_a123456_options` WHERE `option_name` LIKE '%wp_%'

You’ll get a lot of results, and you’ll have to go through them one by one to change the lines.

Table of UserMeta

Next, we must search the user meta for all fields that have wp_ as a prefix so that we can replace it. For that, use the following SQL query:

1
SELECT * FROM `wp_a123456_usermeta` WHERE `meta_key` LIKE '%wp_%'

The number of entries you have depends on how many plugins you have installed and other factors. Simply replace the wp_ prefix with the new one.

Done with the backup

You’re now ready to put the site to the test. Everything should be working fine if you followed the steps above. You should now create a new backup of your database just to be safe.

Comments are closed.