Comments for Sidewalk Cafe Design http://www.sidewalkcafedesign.com Just another WordPress site Sun, 13 Nov 2011 01:17:42 +0000 hourly 1 http://wordpress.org/?v=3.3 Comment on Is WordPress secure? by Eliana http://www.sidewalkcafedesign.com/is-wordpress-secure/#comment-12 Eliana Sun, 13 Nov 2011 01:17:42 +0000 http://www.sidewalkcafedesign.com/?p=951#comment-12 I use a plugin called WordPress Prefix Table Rename, by seo eggheads (http://www.seoegghead.com/software/wordpress-table-rename.seo). And you're correct, hackers will look for the default table prefix, which is wp_. Here's what seo eggheads says about why you need to rename your table prefixes. "Well, it turns out that the majority of exploits we've seen against WordPress-based web sites (this one and those for clients) have a very simple signature — they attempt SQL injection attacks with the assumption that the table prefix is set to "wp_." So why not just change the prefix?" And here's what their plugin does. 1. Creates a duplicate set of tables with the same structure/schema. 1a. Copies a coherent version of the old tables to the new tables. 1b. Makes a few changes to the data in the new tables with regard to the new table names. (all the while showing all executed queries to keep you informed). 2. Swaps to the newly-created set of tables. I do have one complaint about the plugin. It's not in the WordPress repository, so you have to download it from their site, and then ftp it to your site. I use a plugin called WordPress Prefix Table Rename, by seo eggheads (http://www.seoegghead.com/software/wordpress-table-rename.seo). And you’re correct, hackers will look for the default table prefix, which is wp_. Here’s what seo eggheads says about why you need to rename your table prefixes.

“Well, it turns out that the majority of exploits we’ve seen against WordPress-based web sites (this one and those for clients) have a very simple signature — they attempt SQL injection attacks with the assumption that the table prefix is set to “wp_.” So why not just change the prefix?”

And here’s what their plugin does.

1. Creates a duplicate set of tables with the same structure/schema.
1a. Copies a coherent version of the old tables to the new tables.
1b. Makes a few changes to the data in the new tables with regard to the new table names.
(all the while showing all executed queries to keep you informed).

2. Swaps to the newly-created set of tables.

I do have one complaint about the plugin. It’s not in the WordPress repository, so you have to download it from their site, and then ftp it to your site.

]]> Comment on Is WordPress secure? by Thomas http://www.sidewalkcafedesign.com/is-wordpress-secure/#comment-11 Thomas Sat, 12 Nov 2011 17:15:10 +0000 http://www.sidewalkcafedesign.com/?p=951#comment-11 You mention, "Rename the tables in the database..." Is that because hackers will look for the default name used in automated WP installations? And, if so, does renaming the databases require you to update WP's default scripts, so it can 'find' the newly-renamed DB? Thanks for a very informative post! You mention, “Rename the tables in the database…” Is that because hackers will look for the default name used in automated WP installations?

And, if so, does renaming the databases require you to update WP’s default scripts, so it can ‘find’ the newly-renamed DB?

Thanks for a very informative post!

]]> Comment on Is WordPress secure? by Nancy Sloane http://www.sidewalkcafedesign.com/is-wordpress-secure/#comment-7 Nancy Sloane Thu, 10 Nov 2011 14:34:42 +0000 http://www.sidewalkcafedesign.com/?p=951#comment-7 Thanks Eliana for helping to clear up the confusion! Thanks Eliana for helping to clear up the confusion!

]]>