( 0 )

Product Documentation

  1. Home
  2. Product Docs

Documentation

Check Database Table Prefix [ Pro ]

The Check Database Table Prefix feature scans your WordPress installation to detect if the default wp_ table prefix is still in use. It’s a common vulnerability targeted by automated SQL injection attacks. If detected, it alerts the administrator and offers an option to safely change the prefix to a more secure, custom alternative.

It’s particularly helpful for:

  • Hardening your database against predictable attack vectors
  • Ensuring your site passes basic security audits and compliance checks
  • Avoiding conflicts in multisite or cloned environments
  • Enhancing protection for high-value or enterprise-grade WordPress installations
  • Educating clients and teams on overlooked backend vulnerabilities

This feature is ideal for conscious site owners who want to lock down their database layer without manual intervention. It adds a silent but powerful layer of protection to ensure your site’s foundation isn’t built on predictable defaults.

Note: You must activate the Pro plugin to get this feature. Plus, we recommend creating a backup of your database before using this feature. 

Here is how you can use this feature: 

Enable the DB Table Prefix

  • Go to Admin Safety Guard > Check DB Table Prefix. 
  • Now check the Current Prefix. 
  • If the prefix is bad, you need to change the prefix by creating a new one. 

Recommended Secure Prefix Styles

  • Followed by, you will see a Recommended Secure Prefix Styles.
  • In this section, you will find a properly defined prefix for the database. If you reload the page, these recommendations will also change. 

You can also follow a set of standard to create a prefix by your own. Here are the standards to validates the $wpdb->prefix against a robust set of security rules:

  • Must end with an underscore _
  • Length between 4 and 20 characters (excluding the trailing underscore)
  • Only lowercase letters, numbers, and underscores—must start with a letter
  • Must include at least one letter and one number
  • Must avoid common or guessable terms (e.g., admin, wp, blog, test, data, etc.)
  • Must not match SQL keywords or use simple patterns (12345, qwerty, aaaa, etc.)
  • Must not contain double underscores __ internally
  • Must pass an entropy check (≥ 2 distinct letters and ≥ 2 distinct digits, or ≥ 5 unique characters total)

Execute Prefix Change (Proceed With Caution)

This is the most critical section where you need to be careful in every step. First of all, we highly recommend you crate a backup of your database.

Then follow these steps: 

  • Put the recommended prefix name In the blank beside the New Prefix. 
  • You can also create one by following the standard and paste it here. 
  • In the following section – Type “I UNDERSTAND” put the words I UNDERSTAND in the blank. 
  • You must put the words as it is recommended and every letter should be in capital letter. 
  • Now click the Change Prefix button. 
  • You will get a success message where you need to press OK.
  • Now, you can see the database prefix has been changed to our given name. 
  • You can get access to your site’s database via the hosting provider. 
×

Please send us your requirements

We will reply within 2 hours