Many WordPress security experts recommend changing the database table prefix from the default in order to help defend against generic SQL injection attacks on the database. What does this mean and how can we do it?
When WordPress is installing, it creates a number of tables in the database using information from the site’s wp-config.php file. If you’re doing a manual installation, it is a simple manner to change the default table prefix from the default “WP_” before setup, but you may not have the option if using auto install through your web host. Continue reading
All of the structure and content of your WordPress site is stored in the database. If your database is lost, so is the site. You will likely have a lot invested in your site and don’t want to start over, so it’s important to keep current backups of your site database in case of an accident or failure. You will also need a backup of the site files, separate from the database – one won’t work without the other.
Luckily, it is fast and easy to make a database backup from your host server. This post will describe the process I use to manually backup my WordPress site database. Continue reading
Many WordPress updates are updated frequently as they are improved. It is important to stay on top of these updates to keep your site healthy and safe. For most WordPress installations this is a simple process requiring only a few clicks, but some sites ask you to enter your FTP details for each and upload, installation, and deletion from the site. Why?
When you tell WordPress to update, it first checks to see if it has permission to make changes to the site. If not, it asks for permission using FTP credentials. You could change permissions to allow anyone to make changes to your site, but that wouldn’t be very secure. Instead, we’re going to define your FTP details in wp-config.php so that WordPress automatically applies your information and makes the changes. Continue reading