By default, an EE + WordPress site currently uses the default WordPress DB prefix value of “wp_”. To increase your site’s security you should consider changing the DB prefix value to another value…
All you need to do is edit this file
/etc/ee/ee.conf
and change PREFIX from false to true on this line
prefix = false
to
prefix = true
This will give you the option to create your own prefix every time you create a new site.
Although some security plugins recommend doing this, it doesn’t really provide any increased security at all. If someone can access your database then it’s already too late as it’s then trivial to find the prefix/table names.
It’s not related to direct access to the database, only to attacks like SQL injection. With the wp_ prefix, in case of security vulnerabilities, an attacker may be able to inject data into your tables.
For example, ServerPilot changes your WordPress DB prefix automatically, which is a really nice feature.
Just use phpMyAdmin to replace the default table prefix and then edit the prefix in your wp-config.php file.
It’s not related to direct access to the database, only to attacks like SQL injection. With the wp_ prefix, in case of security vulnerabilities, an attacker may be able to inject data into your tables.
If they can inject SQL they can get the prefix - it’s no protection at all from this.
No, but SQL injection will be easier if the attacker already knows which tables of your database he should attack. With a custom prefix, it makes it harder.
When you check your nginx log you may find some records like:
/wp-content/plugins/my_custom_plugin/check_user.php?userid=-6859
UNION ALL SELECT (SELECT CONCAT(0x7171787671,IFNULL(CAST(ID AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(display_name AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_activation_key AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_email AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_login AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_nicename AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_pass AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_registered AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_status AS
CHAR),0x20),0x616474686c76,IFNULL(CAST(user_url AS CHAR),
0x20),0x71707a7871) FROM
wp.wp_users LIMIT 0,1),NULL,NULL--
As you can see, the last line is FROM wp.wp_users. I have already faced massive attacks on some servers. I use Graylog to analyze all logs and to alert me if it detects some particular queries, and almost all SQL injection attacks try to alert wp_users or wp_option, and the table is directly selected in the nginx request.
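The kind of log check described in the post above, as an added example that is not part of the original thread and is not Graylog configuration. It assumes nginx's "combined" access log format; the sample lines, the `x9k2_` prefix and the function names are constructed for illustration. It flags UNION SELECT requests and reports whether the table named in the request uses the default `wp_` prefix.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in nginx "combined" format (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2016:13:55:36 +0000] "GET /wp-content/plugins/'
    'my_custom_plugin/check_user.php?userid=-6859%20UNION%20ALL%20SELECT%20'
    '(SELECT%20CONCAT(user_login,user_pass)%20FROM%20wp.wp_users%20LIMIT%200,1)'
    ',NULL,NULL--%20 HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.20 - - [10/Oct/2016:13:56:01 +0000] '
    '"GET /?s=trade+union+news HTTP/1.1" 200 8421 "-" "-"',
    '203.0.113.7 - - [10/Oct/2016:13:57:12 +0000] "GET /index.php?id=1%20uNiOn'
    '%20SeLeCt%20option_value%20FROM%20x9k2_options HTTP/1.1" 404 162 "-" "-"',
]

REQ = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3}) ')
UNION = re.compile(r"\bunion\b(?:\s+all)?\s+select\b")
# Optional "db." qualifier, then any prefix, then a WordPress core table name.
TABLE = re.compile(r"\bfrom\s+(?:`?\w+`?\.)?`?(\w*?)(users|usermeta|options)\b")

def normalize(uri):
    """URL-decode until stable (max 3 passes), collapse whitespace, lowercase."""
    for _ in range(3):
        decoded = unquote_plus(uri)
        if decoded == uri:
            break
        uri = decoded
    return re.sub(r"\s+", " ", uri).lower()

def scan(lines):
    """Return one finding per request whose URI contains UNION [ALL] SELECT."""
    findings = []
    for line in lines:
        m = REQ.match(line)
        if not m:
            continue
        client, uri, status = m.groups()
        query = normalize(uri)
        if not UNION.search(query):
            continue
        t = TABLE.search(query)
        findings.append({
            "client": client,
            "status": int(status),
            "path": uri.split("?", 1)[0],
            "table": t.group(1) + t.group(2) if t else None,
            "default_prefix": bool(t) and t.group(1) == "wp_",
        })
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Because the match keys on the UNION SELECT shape rather than on the literal `wp_` string, the alert still fires on a site whose prefix has been changed.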