- Hardening WordPress: Pre-Install – Don’t Use the Default wp_ Database Table Prefix
- Hardening WordPress: Set Unique Auth Keys and Salts for Authentication Cookie Encryption
The default table prefix for a wordpress install is ‘wp_’ – make it different! Any attacker attempting to access database tables will use the default naming convention first – don’t make it easier for them!
Changing the table prefix on an existing site is quite involved so employ this from the outsetwhen you’re running through the setup.
Should you wish to do this to an existing installation, the table_prefix variable can be found as shown below in the wpconfig.php file: