Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community!

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

WordPress Installing WordPress Locally Installing WordPress Locally The WordPress Setup Wizard

Changing the WP table prefix does nothing for security?

Here's an interesting article that says changing the WP table prefix does nothing for security. I'm not sure if it still applies today as the post is from 2016.


The basic idea is that hackers can use a simple SQL query to find the table prefix anyway after the injection attack anyway. Is the article accurate?

1 Answer

The only thing it could protect against is if there is a weak setup already and it's an automated script checking against the wp_ prefix and it doesn't run any SQL to check what the prefix is.