In the book Beginning WordPress 3 the author advises that changing the default WP table prefixes can provide some slight security advantage (protects from SQL injection scripts). I found several articles that explain how to do this as well. I’ve also seen people arguing that it’s not all that helpful. I thought I would try it on the theory that if it was reasonably doable and even slightly helpful, why not do it?
So, for a new project I did a Fantastico Installation, which meant that I had to go into the actual Tables via PHPmyAdmin, which I did. I changed the 11 standard table names, plus a couple of things in wp_options and in wp_usermeta, and finally the table prefix in the wp-config.php. When done I was able to login to the admin and all seems well.
My question is: can I now go forward and not worry about needing to change anything when I activate new plugins? Is this something that, once done properly, is done? That seems to be the implication but no one explicitly states this, either in the book, or in the articles I’ve read.
Here’s links to 2 articles, for FYI:
http://digwp.com/2010/10/change-database-prefix/
http://tdot-blog.com/wordpress/6-simple-steps-to-change-your-table-prefix-in-wordpress
Thanks!
I do this on every WP site I set up, and while it’s no panacea for SQL issues moving forward as it’s more obscurity than security, it does make me feel all warm and fuzzy inside. 🙂
I have never had issues with it since I started the practice two years ago. A key to the process is pointed out in both articles you’ve linked to, changing the
$table_prefixvalue in wp-config.php. If you do this, and if the plugins you are using are properly written, then they will honor that and you should not see any issues. I would feel confident about this change you’ve made.