Você está se perguntando como alterar o prefixo do banco de dados do WordPress para o seu site?
A alteração do prefixo do banco de dados pode proteger os dados do seu site contra injeções de SQL e outros ataques de hackers on-line. Essa pode ser uma etapa importante para melhorar a segurança do WordPress.
Neste tutorial, mostraremos como alterar o prefixo do banco de dados do WordPress para aumentar a segurança.
Por que você deve alterar o prefixo do banco de dados do WordPress?
O banco de dados do WordPress é como um cérebro para todo o seu site WordPress, pois todas as informações e arquivos são armazenados nele.
Isso faz com que o banco de dados seja o alvo favorito dos hackers. Os spammers e hackers podem executar códigos automatizados para injeções de SQL e entrar em seu banco de dados do WordPress.
Infelizmente, muitas pessoas se esquecem de alterar o prefixo do banco de dados durante a instalação do WordPress. Isso torna mais fácil para os hackers planejarem um ataque em massa, tendo como alvo o prefixo padrão wp_.
A maneira mais fácil de proteger o banco de dados do WordPress é alterar o prefixo do banco de dados, o que é muito simples de fazer em um site que você está configurando.
São necessárias algumas etapas extras para alterar o prefixo do banco de dados do WordPress adequadamente para o seu site estabelecido sem bagunçá-lo completamente. Dito isso, mostraremos como alterar o prefixo do banco de dados do WordPress e aumentar a segurança do seu site.
Tutorial em vídeo
Se você não gostar do vídeo ou precisar de mais instruções, continue lendo.
Como alterar o prefixo do banco de dados do WordPress
Recomendamos que você faça backup do seu banco de dados do WordPress antes de fazer qualquer coisa sugerida neste tutorial. Também é importante manter backups diários de seu site do WordPress usando um plug-in como o Duplicator.
Também recomendamos que você redirecione seus visitantes para uma página de manutenção temporária enquanto altera o prefixo do banco de dados. Caso contrário, você poderá causar uma experiência de usuário ruim para os visitantes do seu site.
Como alterar o prefixo da tabela no wp-config.php
Primeiro, você precisará se conectar ao seu site usando o FTP ou o aplicativo Gerenciador de arquivos na sua conta de hospedagem do WordPress.
Em seguida, você precisa abrir o arquivo wp-config.php, que está localizado no diretório raiz do WordPress. Aqui, você pode alterar a linha do prefixo da tabela de wp_ para algo como wp_a123456_
Portanto, a linha teria a seguinte aparência:
$table_prefix = 'wp_a123456_';
Observação: você só pode alterar o prefixo da tabela usando números, letras e sublinhados.
Alterar todos os nomes de tabelas do banco de dados
Em seguida, você precisa se conectar ao seu banco de dados usando a ferramenta phpMyAdmin. Se o seu host usa o painel do cPanel, você pode encontrar facilmente o phpMyAdmin lá.
Há um total de 11 tabelas padrão do WordPress, portanto, alterá-las manualmente seria muito trabalhoso.
Em vez disso, você deve clicar na guia “SQL” na parte superior.
Em seguida, você pode inserir a seguinte consulta SQL:
RENAME table `wp_commentmeta` TO `wp_a123456_commentmeta`;
RENAME table `wp_comments` TO `wp_a123456_comments`;
RENAME table `wp_links` TO `wp_a123456_links`;
RENAME table `wp_options` TO `wp_a123456_options`;
RENAME table `wp_postmeta` TO `wp_a123456_postmeta`;
RENAME table `wp_posts` TO `wp_a123456_posts`;
RENAME table `wp_terms` TO `wp_a123456_terms`;
RENAME table `wp_termmeta` TO `wp_a123456_termmeta`;
RENAME table `wp_term_relationships` TO `wp_a123456_term_relationships`;
RENAME table `wp_term_taxonomy` TO `wp_a123456_term_taxonomy`;
RENAME table `wp_usermeta` TO `wp_a123456_usermeta`;
RENAME table `wp_users` TO `wp_a123456_users`;
Lembre-se de alterar o prefixo do banco de dados para aquele que você escolheu ao editar o arquivo wp-config.php.
Talvez você também precise adicionar linhas para outros plug-ins que adicionam suas próprias tabelas no banco de dados do WordPress. A ideia é que você altere todos os prefixos de tabela para o prefixo que deseja.
A tabela de opções
Em seguida, precisamos pesquisar na tabela de opções quaisquer outros campos que estejam usando wp_ como prefixo para que possamos substituí-los.
Para acelerar o processo, você pode usar esta consulta:
SELECT * FROM `wp_a123456_options` WHERE `option_name` LIKE '%wp_%'
Isso retornará muitos resultados, e você precisará percorrê-los um a um para alterar essas linhas e seus prefixos.
Tabela UserMeta
Em seguida, precisamos pesquisar no usermeta todos os campos que estão usando wp_ como prefixo, para que possamos substituí-lo.
Você pode usar esta consulta SQL para isso:
SELECT * FROM `wp_a123456_usermeta` WHERE `meta_key` LIKE '%wp_%'
O número de entradas pode variar dependendo de quantos plug-ins do WordPress você estiver usando em seu site. Basta alterar tudo o que tiver wp_ para o novo prefixo.
Agora você está pronto para testar seu site. Se você seguiu as etapas acima, tudo deve estar funcionando bem.
Recomendamos fazer um novo backup de seu banco de dados por precaução.
Esperamos que este artigo tenha ajudado você a aprender como alterar o prefixo do banco de dados do WordPress. Você também pode gostar de ver nosso guia sobre como otimizar seu banco de dados do WordPress e nossas escolhas de especialistas dos melhores plug-ins de banco de dados do WordPress.
Syed Balkhi says
Hey WPBeginner readers,
Did you know you can win exciting prizes by commenting on WPBeginner?
Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
You can get more details about the contest from here.
Start sharing your thoughts below to stand a chance to win!
Dave van Hoorn says
Update the SQL for renaming the prefixes please. WordPress adds the ‘wp_termmeta’ table now. It’s included in the SQL below.
RENAME table `wp_commentmeta` TO `wp_yoursitename_commentmeta`;
RENAME table `wp_comments` TO `wp_yoursitename_comments`;
RENAME table `wp_links` TO `wp_yoursitename_links`;
RENAME table `wp_options` TO `wp_yoursitename_options`;
RENAME table `wp_postmeta` TO `wp_yoursitename_postmeta`;
RENAME table `wp_posts` TO `wp_yoursitename_posts`;
RENAME table `wp_termmeta` TO `wp_yoursitename_termmeta`;
RENAME table `wp_terms` TO `wp_yoursitename_terms`;
RENAME table `wp_term_relationships` TO `wp_yoursitename_term_relationships`;
RENAME table `wp_term_taxonomy` TO `wp_yoursitename_term_taxonomy`;
RENAME table `wp_usermeta` TO `wp_yoursitename_usermeta`;
RENAME table `wp_users` TO `wp_yoursitename_users`;
Prabhudatta Sahoo says
When I am renaming my tables in the database all the images in the gallery are going away, I do not understand the reason. Could anyone please help me fixing this issue?
Terry Thorson says
This issue will occur if you do not update the serialized data strings (used for your gallery images) correctly in the database. A good way to do this is to use the plugin WP Migrate DB. There is an excellent tutorial for this on Lynda.com (although be sure to use the same prefix for your target database as your source database).
I learned this the hard way. Trying to start afresh, I discovered my backup was faulty as well. Luckily my webhost had an older backup I could use to restart my migration. WP Migrate DB did the trick.
Cameron Jones says
I can’t find any fields in the _usermeta or _options tables that would require updating. Unless they are specifically referencing a table, they shouldn’t need to be updated. It’s a table prefix, not a variable prefix.
Cameron Jones says
Actually, I stand corrected. There are a couple that will be part of a default WordPress install:
In prefix_options
prefix_user_roles
In prefix_usermeta
prefix_capabilities
prefix_user_level
prefix_dashboard_quick_press_last_post_id
prefix_user-settings
prefix_user-settings-time
You should be careful regarding updating any other fields. Plugins may either use the defined prefix or `wp_` as a prefix. Always make a backup and test on a dev or staging environment.
kapil says
hi,
i have a query. assume that i have changed all my prefix from wp_something to some other name. these changes will be done to the existing fields in the database only. but wont the codes in my wordpress .php files remain the same??? so next time for any new user registration or some other registration, the entities will again be saved as wp_something as the main code in the .php files remains unchanged… ???
thanks….
tech says
UPDATE `wp_a123456_options` SET `option_name`=REPLACE(`option_name`,’wp_’,’wp_a123456_’) WHERE `option_name` LIKE ‘%wp_%’;
UPDATE `wp_a123456_usermeta` SET `meta_key`=REPLACE(`meta_key`,’wp_’,’wp_a123456_’) WHERE `meta_key` LIKE ‘%wp_%’;
I do changes but after doing this i again run following query it shows prefix not changed
SELECT * FROM `wp_a123456_options` WHERE `option_name` LIKE ‘%wp_%’
Wiem says
Thank you for the queries
Nathan WHite says
This post and the responses to the comments leaves out a very important component. Does the table need to begin with wp_ ?
Coming upon another discussion in wordpress.org indicated that it indeed did not need to. It would have helped me if this question was answered by the moderator.
Also, dismissed_wp_pointers questions were not clearly answered. I changed mine.
Clare Wood says
Hi guys,
I followed these steps, now when I try to see the back-end or front-end of my site I get this:
ERROR: $table_prefix in wp-config.php can only contain numbers, letters, and underscores.
I’m positive I only have lowercase letters and an underscore as my table prefix.
Any ideas? The site is on localhost.
Cheers.
Paul says
Fantastic and logically prepared article on Wp security.
Thomas says
Thanx a bunch! I tried to restore my old database, but to no avail. Then I figured out that my new database prefix was different from old. Made all that you recommended and vuala!
Divyesh says
Thanks a Lot!!!
It worked like a charm
Nikhil says
I am getting this error…….”You do not have sufficient permissions to access this page” after implementing above procedure…..how to solve it?????
Saz says
These instructions have been followed but now role assignment for new users has disappeared…
Tom says
Thanks for a great tips .
I have a question.
Do I need to change “wp_ ….” used in post_meta table as well?
johnny says
or this plugin http://wordpress.org/plugins/db-prefix-change/
savagemike says
For the wp_options and wp_usermeta tables, why not dump the database and use sed to replace “wp_” with the new prefix? Example:
sed -i ‘s/wp_/wp_1234/g’ > filename.sql
Then, simply import the modified dump. Easier and faster than changing cells one-by-one.
gcreator says
Attacker can simple use ‘%wp_%’
I mean that is not fully secure at all…
because he knows the table names that wordpress generates he can simply use ‘_%users’ for wp_anything_users OR ‘_%posts’ for ‘wp_anything_posts’ ..etc…
Jim says
gcreator…
For 99% of the attacks against WP databases, the skiddies are using pre-built tools and default settings. This gets you out of their crosshairs.
if you are under focused attack then yeah, simple obfuscation will only slow them down, not completely protect you.
javed says
thanks a lot
gabe says
I got syntax error when following this (my version of SQL is 5.5.x).
I had success after referring to the SQL manual. Needed to leave the quotes out of the query:
[WRONG] RENAME table ‘wp_links’ TO ‘wp_xx_links’;
[RIGHT] RENAME TABLE wp_links TO wp_xx_links;
RosellaBird says
Thanks! That saved me a lot of time
I had the same error too
Sepster says
You were using “standard” quotes ‘. The correct syntax to identify object names in mySql is to use “backquotes” ` (ie the key in the top left of a standard-US keyboard, left of the number 1)
Marcello Nuccio says
The problem is that you are using the wrong quotes. You must use the backtick character around table names, not the apostrophe. In SQL, the apostrophe is used to delimit strings.
Karen says
I have changed the prefixes of a new install and then built a whole new site! I suddenly realised that I might not be able to update wordpress as normal from the admin panel..
Does changing the prefixes affect being able to update wordpress as normal???
Pablo says
Nice.
You can use this as well:
UPDATE `wp_a123456_options` SET `option_name`=REPLACE(`option_name`,’wp_’,’wp_a123456_’) WHERE `option_name` LIKE ‘%wp_%’;
UPDATE `wp_a123456_usermeta` SET `meta_key`=REPLACE(`meta_key`,’wp_’,’wp_a123456_’) WHERE `meta_key` LIKE ‘%wp_%’;
Haary says
Please answer ” How to create a plugin for take a backup of speific table in wordpress database?” in the stackoverflow
Haary says
It is a nice tutorial. Please see the link http://stackoverflow.com/questions/21546786/how-to-create-a-plugin-for-take-a-backup-of-speific-table-in-wordpress-database
David Appleby says
Very nice guide thanks.
Andrew Rickards says
Thanks for the useful info. I just tried changing my DB prefix and everything seems to have worked perfectly.
John says
Thank you for doing the work to inform us on this topic. I have zero experience with WordPress, mySQL and PHP, so your help is greatly appreciated. A couple of questions:
You have a graphic right below the words “There are a total of 11…”, with SQL circled. Am I supposed to check all the checkboxes?
In the section titled “The Options Table”, which I’m getting to next, you say “This will return a lot of results, and you need to go one by one to change these lines.” How is this done (or will it be perfectly obvious)?
WPBeginner Support says
John, you need to click on the SQL which will open a Text Area, copy and paste the query given below the circled screenshot into SQL textarea and click Go button.
When updating options table you will run another SQL query to search for fields which have wp_ in them and replace those fields with your new database prefix. The query will return a number of rows you need to click on the Edit button next to each row to edit it and manually replace wp_ with your new database prefix.
Administrador
Iftekhar says
Dear writer, I have tested this in my local server. I am having problem to get access in my admin panel after changing table prefix. I have found “dismissed_wp_pointers” this in my database. Do I need to change it also?
Thanks in advance
WPBeginner Support says
No we don’t think you need to change that.
Administrador
Iftekhar says
Problem solved :). Actually I forgot to change option table. Thanks for reply.
AMSGATOR says
`dismissed_wp_pointers` shows up when querying SELECT * FROM `wp_a123456_usermeta` WHERE `meta_key` LIKE ‘%wp_%’
So I changed it since this says to change all the wp_ to the new prefix. I hope it doesn’t break anything.
Kobbe says
Is this tutorial for an already installed blog…? Please kindly brief me on how to do this on a FRESH installations.
AMSGATOR says
If you have already installed WordPress (regardless of how much you published) and you want to change the prefix then follow this tutorial.
blurped says
Great guide, works like a charm. One question- why did you leave ‘wp_’ in the new prefix? Seems like a whole lot of effort to change your table prefixes but still leave that fragment in there. Just remove it completely or replace it with something else more random (like ‘eh_’ or whatever)
yerom says
Well, everything is just fine… But when i’m go back to my site, it makes me the 5 minutes install again…
I think i missed something.
Anyone had the same issue ?
Tks !
WPBeginner Support says
Check your wp-config.php file, it seems like you forgot to update
$table_prefixvalue.Administrador
ideal ismail says
hi Admin,
Regarding the naming convention for the table prefix, “Note: You can only change it to numbers, letters, and underscores. Feel free to mix uppercase and lowercase.”
this is not true. You CAN’T use uppercase as it will wreak havoc with your database entries. i personally encountered this and the solution is to restrict to using numbers, underscores and lowercase letters.
many other people have encountered this. a quick google search gave me the following:
http://wordpress.org/support/topic/case-sensitive-wp_table_prefix?replies=1
http://stackoverflow.com/questions/9827164/wordpress-keeps-redirecting-to-install-php-after-migration
http://esdev.net/wordpress-error-you-do-not-have-sufficient-permissions-to-access-this-page/#.Ui_pHtJkMwB
hope that helps.
Editorial Staff says
Updated the article.
Administrador
Steve says
Couldn’t you just back everything up,
export the DB to a DBbackup.sql file
open it with a text editor.
do a global search and replace and replace wp_ with mynewprefix_
Save the file,
drop all the tables in the DB
and import the new DBbackup.sql?
Editorial Staff says
You could do that
Administrador
Steve says
Update – The global search and replace works. However, it might work too good. One of the side effects is that it returns all of your widgets to the default (fresh install) state.
Luckily – it returns them to the “inactive section” so you don’t have to completely re-do them. My lesson learned was to take a screen shot of the dashboard (before) so it’s easier to remember where you had them all.
Ahsan says
Hey after changing table prefix and table name from mysql when i refresh the website it says website has a redirect loop, what should i do?
Andrew says
leave the database changes to the professionals…………..
GReg says
Update the prefix definition in config.php
Katie says
Tried to do this on a multisite database install… totally failed. I seemed to put all the queries in correctly, but I got errors and at the end of all the steps my site was just redirecting itself indefinitely…
Mike says
I did these changes as instructed but now I can’t get to my admin page.
Mark Pescatrice says
Well after about 30 minutes of sweating bullets, I was able to do this. I made one tiny typo on wp-config.php. but otherwise it went smoothly. I did use Duplicator to create a backup before starting all of this.
I recommend users to do the following additional steps:
Before starting, put a dummy index.html in the root folder of your WP install, and renaming index.php to index.php.tmp (or something similar). After making a tiny typo in the wp-config.php file, I found myself at the WP install page.
After you are done, rename index.php.tmp to index.php and remove or rename the index.html page.
Thanks for the great article. I’m curious to see how the changes will affect the spam count.
Mark Pescatrice
Al Lemieux says
In terms of process, do I make these security changes locally first? Or do I make them on WordPress?
Editorial Staff says
You make them on WordPress.
Administrador
Dana Nourie says
After changing the table prefixes, I can log in and all the content is there, but I’m not getting the admin interface. Any idea what I should check?
Thank you!
Dana
Dana Nourie says
Nevermind, I had to change entries in the options table.
Corey says
What about things like this? Do we need to change the wp in this, or only when it starts with wp?
dismissed_wp_pointers
Editorial Staff says
You should be able to change it to whatever you like.
Administrador
ana says
I am confussed about ‘ _site_transient_timeout_wporg_theme_feature_list ‘ these, do I have to change wp here as well? and if yes then plz give an example.
AMSGATOR says
You should only have to change it if wp is followed by an underscore (i.e., wp_)
Eric says
Awesome information security for wp anti thief..But is there any free plugin or software to automate these processes?
Editorial Staff says
Don’t think there is.
Administrador
Yann says
Thanks for the tutorial.
Here a plugin to automate these processes : http://wordpress.org/extend/plugins/wp-security-scan/
Daniel Garneau says
All In One WP Security plugin has a Database Security option for editing the prefix of an existing WordPress database. I have been using the plugin for several months now, but I have not used this feature yet.
Orion says
just tried this out, everything changed according to your instructions, hopefully this keeps the russians out….for a while at least.. Thank you for posting.
Benno says
Thanks, worked great on my new blog!
Debra says
I must be a total idiot because I sure can sort this out. Can’t even find the wp database. Geez this is frustrating
Editorial Staff says
Which web hosting service are you using?
Administrador
Scott Semple says
Successfully changed the database prefixes, but now I can’t sign in?
My ##_capabilities in ##_usermeta is for an admin: a:1:{s:13:”administrator”;s:1:”1″;}
Thoughts on why I still can’t sign in? Thanks!
Editorial Staff says
It loads the website properly, but you can’t sign in? What error does it say… Incorrect password? or incorrect username?
Administrador
mckenzie says
thanks so much! i searched all over the internet and you are the only blog entry to get this right on the spot!!
rawalbaig says
Please Help me I’m not able to process the last two steps For “The Option Table” I’m Here http://imageshack.us/photo/my-images/819/img00.png
& ‘”UserMeta Table” Here http://imageshack.us/photo/my-images/84/img002o.png
What to do next I’m not able to login my wordpress account
TrentJessee says
Excellent security post, and well written. What would you charge to do this service for people? Thanks!
http://trentjessee.com
WesHopper says
@wpbeginner @WesHopper
wpbeginner says
@WesHopper You just manually change it. Because the number vary based on the plugins you have.
Keith Davis says
Hi Admin
Good clear instructions but I’ve never had the confidence to attempt a database prefix change – just in case!
You boys provide some great stuff – much appreciated.
Leonco says
Very interesting security steps…
But surely there has to be a security plugin that addresses
the issue of preventing hacking.
João says
There are several plugins that do this, but the truth is that it’s always good to know how to do this yourself.
For example I had an (apparently) buggy plugin change my WordPress database prefix just now, and i was locked out of my own WP installation.
This simple guide showed me how to undo the damage.
Vivek Parmar says
Thanks a lot for sharing this. it is essential to secure WordPress first before posting any content your blog.