Till this time we’ve covered the basics of security measures that one should take to secure their blogs. Today we are going to take slightly advanced approach and will try to ensure that automatic bots will not be able to gain access to your blog easily as we’ll change the table structure of the blog. Don’t worry if it sounds scary to you; we’ll ensure that you’ll be able to do it pretty easily as there are various tools available for the same.
While installation of WordPress, we come across a value called Table Prefix, in Wp-config.php file. By default, this value is “wp_” and most of the bloggers tend to leave the default value over there. This is where, automated bots can easily start attacking as they already know the major structure of the whole database.
There can be two approach for this particular problem -
1. Changing the table prefix before installation – This is a no brainer! If you are doing manual installation, you just need to change the table prefix from “wp_” to anything else (e.g. wp12_ , wp_1_ – in short just about anything), in wp-config.php file.
2. Changing the table prefix after installations – There are many bloggers who tend to install WordPress through automated scripts like Fantastico or through one-click installers. Those scripts don’t allow you to change the table prefix and thus the only resort in that case is to play around with phpMyAdmin and by running sql queries. There is an automated way as well.
a. Manual way of changing – Sherif has posted a wonderful and detailed tutorial that allows you to change the table prefix in 6 simple steps.
b. Automatic way of changing – Fortunately, there are plugins available to automate this 6 step process and you may use them to make your life even simpler. Blog Security has already released a plugin that automates the things for you. WP-Security scan plugin also allows you to do the same work.
***Words of Caution*** – Don’t forget to make backup of your database.
I told you! It only sounds scary, however it isn’t that difficult to play around with WordPress and little advanced tools. Now you know that why I advocate for WordPress!