Philipp Heinze developed WP Prefix Table Changer for the BlogSecurity toolbox. The idea came from Stefan Esser's recent BlogSecurity interview, where he suggested changing the WordPress table prefix from the default "wp_" to something a little more obscure to mitigate SQL injection vulnerabilities. Nice job, Phil.
This plugin is useful for two reasons:
Firstly, if your WordPress installation has errors turned off, it may be difficult for an attacker to exploit an SQL injection vulnerability, as he/she may not be able to guess your WordPress table prefix. This is security through obscurity, but it may certainly help mitigate zero-day vulnerabilities (vulnerabilities that aren't known).
Secondly, some hosting providers only allow one SQL database for your blog. By using the prefix changer you can run multiple blogs on one database, although this is by no means recommended.
Please note that although this plugin has been tested, it may contain bugs as it is the first release. Ensure that your WordPress blog is fully backed up before attempting to use this plugin.
Changelog:
11/10/07 - version 1.1 release
- Correctly sanitises table prefix input
- Additional checks are performed before modifying the wp-config.php file.
- MySQL user access is checked before proceeding with the prefix change.
- You get a Security Notice if your MySQL-User has ALL Privileges.
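The access check and the ALL Privileges notice listed in the changelog can be sketched as follows. This is an added example, not the plugin's code: it reads SHOW GRANTS rows and handles the backslash-escaped underscore MySQL uses in database-level grants. The account name, database name and sample rows are constructed.

```python
import re

GRANT_RE = re.compile(r"GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s", re.I)

def _db_pattern(pattern):
    """Compile a database-level grant pattern: `_` and `%` are wildcards
    unless backslash-escaped, which is how MySQL shows a literal `_`."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            out.append(re.escape(pattern[i + 1]))
            i += 2
            continue
        out.append(".*" if ch == "%" else "." if ch == "_" else re.escape(ch))
        i += 1
    return re.compile("".join(out) + r"\Z", re.S)

def check_prefix_change(grant_lines, database):
    """Decide from SHOW GRANTS rows whether tables in `database` can be
    altered, and whether the account holds ALL PRIVILEGES there."""
    privs, has_all = set(), False
    for line in grant_lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        db, _, obj = m.group("scope").partition(".")
        if obj != "*":                      # table-level grant: too narrow
            continue
        db = db.strip("`")
        if db != "*" and not _db_pattern(db).match(database):
            continue
        for p in (x.strip().upper() for x in m.group("privs").split(",")):
            if p in ("ALL", "ALL PRIVILEGES"):
                has_all = True
            elif p != "USAGE":
                privs.add(p)
    return {"can_alter": has_all or "ALTER" in privs, "security_notice": has_all}

# Constructed SHOW GRANTS rows; account and database names are made up.
SAMPLE = [
    "GRANT USAGE ON *.* TO 'blog'@'localhost'",
    "GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER"
    " ON `acct\\_wp`.* TO 'blog'@'localhost'",
]

if __name__ == "__main__":
    print(check_prefix_change(SAMPLE, "acct_wp"))
```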
Hey - very nice idea! Will examine and probably use the package later. *tagged*
indeed!
Hmmm does the plugin do anything to stop Wordpress from reporting the SQL error?
Without that, changing the table prefix does not really help much. Wordpress will tell the attacker the table prefix on a failed SQL query.
Stefan, hence why I mentioned if error messages are turned off. This plugin is part of a much bigger project which we will reveal shortly.
David, I installed a dummy WP 2.2.1 and imported a database while that plugin was active. Everything went fine. Just in case, there are php 5.0 and MySQL - 5.0.24
Hope, that could be useful :)
Yeah, but you said PHP error messages.
The error message I speak of is generated by the Wordpress SQL code to “debug” SQL errors.
The “secret” project you mean is not the Wordpress Hardening Plugin, is it? ;-)
Mikhail, brilliant, thanks for testing it.
Stefan, much better than a hardening plugin :)
Thanks for the feedback guys.
You fork Wordpress?
That is actually something a few friends wanted to do for a long time ;)
[…] After some discussions about what we can do, I started working on the first Plugin for BS. The WP Prefix Table changers aim is it to change your Wordpress table prefix from wp_ to something different, which should be as […]
Hi there.
I’ve just downloaded this plugin, thrown it into blog directory, loaded, and get this:
Fatal error: Call to undefined function add_action() in /home/ave/ftp/blogs/blog/prefix-changer.php on line 13
I have WP 2.3 and a good host :)
@Dash, well, did you put the plugin into the wp-content/plugins folder (where it should be) or within the root of your blog? Your path looks like the second case (in which case it shouldn’t even be available from the plugin list).
If the above didn’t solve the problem, I don’t know what’s causing it, as add_action() is a function available within WP’s core. All I can imagine is that something is corrupt in your WP install, so the function add_action isn’t created.
Is it a fresh install of WP? Do you run any other plugins successfully with it?
Just installed the plugin on one of my blogs (which isn’t as important…) and got ‘failed’ on all database tables. I just had to re-edit wp.config manually to the original state (wp_) for my blog to work again.
Maybe the plugin doesn’t work on WP 2.0.11?
Now for the moment I won’t try this again on my main blog (with 2.2.3 running) …
Boris, correct, if the plugin fails you normally just have to change the wp-config.php file and set it back to your original wp prefix.
Phil, maybe we should only edit wp-config.php on a successful test?
David, for sure, that will be added for the next release. As well, I’m going to take a look into your problem for a WP 2.0.11 install. But mostly I believe something else caused the problem (maybe not enough rights for your MySQL user or whatever).
[…] receiving some error reports, we have confirmed the plugin is working on the following WP versions, 2.0.11 and […]
[…] there are plugins that let you change the prefix with almost no effort. One of them is WP Prefix Table Changer, as clear as its […]
[…] on me, I know). A new reply hits, this time a useful response. He linked across a plug-in that will change your table prefixes for you. Of course, since I’ve already done half the job, I use the source to find out what I […]
Hi Guys,
Thanks for creating this. Unfortunately it isn’t working for me on WordPress 2.3.1. Giving the error:
“Your User which is used to access your Wordpress Tables/Database, hasn’t enough rights( is missing ALTER-right) to alter your Tablestructure.”
When it does have that permission.
Cheers,
Martin
[…] If you have already installed, follow these steps outlined here. There is also a plugin here. […]
I’m having the zact same problem as Martin, despite the fact that I have checked that my user has ALTER privileges until I’m blind. I even deleted and recreated my user, but no love. I’m running WP 2.3.1 as well.
Binky and Martin, could you both please send us, through the Contact Formular, your SHOW GRANT CURRENT_USER records, so we can track the problem.
I’m having privilege problems as well. Fresh install v 2.3.1, getting error message “Your User which is used to access your Wordpress Tables/Database, hasn’t enough rights( is missing ALTER-right) to alter your Tablestructure.”
Copy & pasted directly from mysql admin:
Privileges: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER
Ryan, I’m investigating that problem. Please be patient.
[…] it’s no hassle to change that “wp_” prefix by using a plugin called “WP Prefix Table Changer”; another plugin, also a common one, is “Role Manager”, for managing […]
i’ve the zact same problem as binky, ryan, and martin. the privileges are absolutely the same as ryan’s:
privileges: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER.
..and still get that annoying message despite changing the privileges to “All Privileges”.
so?
get same problem please fix it
actually, i had the same problem as those above, and changing the default prefix (wp_) manually (one by one) is not a good job. why? ..because i’ve a bunch of plugins installed on my own blog, and of course they use the wp_ prefix too; one of these is firestat.
but, i am successfully changing the default prefix (wp_) using my own method, see below:
1. backup your wordpress database (i’m using phpmyadmin) to an *.sql file.
2. open that *.sql file (make another copy first) using text editor, then find and replace all “wp_” prefix to “something_”.
3. now, drop all tables of your wordpress databases (don’t drop the database :D)
4. import the *.sql file which has been edited before into your wordpress databases.
5. and lastly, edit your wp-config.php file and change the $table_prefix = 'wp_'; to $table_prefix = 'something_';
6. in my case, all plugins will be deactivated automatically, so log in to your blog admin panel, then activate all your plugins.
7. done ! ;)
it work perfectly for me.. !
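An added example, not part of the comment above or the plugin's code: instead of replacing every "wp_" string in a dump, this generates statements that rename only the prefixed tables and the prefixed keys WordPress core stores in its options and usermeta tables. The function name, sample table list and new prefix are constructed.

```python
import re

PREFIX_RE = re.compile(r"[A-Za-z0-9_]+\Z")

def prefix_change_sql(tables, old, new):
    """Build the statements that move a WordPress install from prefix
    `old` to `new`. `tables` is the SHOW TABLES result for the database."""
    for p in (old, new):
        # Only identifier-safe characters: the prefix ends up inside
        # back-quoted table names and quoted SQL strings below.
        if not PREFIX_RE.match(p):
            raise ValueError("unsafe table prefix: %r" % p)
    if new == old:
        raise ValueError("new prefix equals the current one")
    ours = [t for t in tables if t.startswith(old)]
    if not ours:
        raise ValueError("no tables use prefix %r" % old)
    pairs = [(t, new + t[len(old):]) for t in ours]
    clash = sorted(set(tables) & {dst for _, dst in pairs})
    if clash:
        raise ValueError("target tables already exist: %s" % ", ".join(clash))
    # One multi-table RENAME is atomic in MySQL: all tables move or none.
    stmts = ["RENAME TABLE " + ", ".join(
        "`%s` TO `%s`" % pair for pair in pairs) + ";"]
    # WordPress core also stores the prefix inside row keys.
    # LEFT()/SUBSTRING() are used instead of LIKE because `_` is a LIKE wildcard.
    n = len(old)
    if old + "options" in ours:
        stmts.append(
            "UPDATE `%soptions` SET option_name = '%suser_roles' "
            "WHERE option_name = '%suser_roles';" % (new, new, old))
    if old + "usermeta" in ours:
        stmts.append(
            "UPDATE `%susermeta` SET meta_key = CONCAT('%s', SUBSTRING(meta_key, %d)) "
            "WHERE LEFT(meta_key, %d) = '%s';" % (new, new, n + 1, n, old))
    return stmts

# Constructed table list: three WordPress tables plus one unrelated table.
TABLES = ["wp_posts", "wp_options", "wp_usermeta", "stats_hits"]

if __name__ == "__main__":
    print("\n".join(prefix_change_sql(TABLES, "wp_", "bs7k_")))
```

Run the output against a backed-up database, then set $table_prefix in wp-config.php to the new value.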
I’ll release soon a new version which will be something like a workaround to track these problems down.
[…] the wordpress table prefix, it’s easier to do when installing wordpress, but there is a good plugin to do it easily […]
I also have problems with 2.3.1 and the plugin, same as above. Thanks for the plugin anyway :)
[…] at BlogSecurity.net have developed a plugin for Wordpress that is designed to alter this prefix. WP Prefix Table Changer gets activated like a regular plugin but will alter things so that you have this vulnerability […]
[…] existing WordPress installations, the prefixes can be changed afterwards with this tool. No MySQL knowledge is required for this; the change in the […]
[…] Change the prefix for the WP database. In case the hacker does make it as far as the database, the table prefix should at least not be “wp_”. That at least makes it a bit trickier again. There is even a plugin for this. […]
[…] In Code http://www.lildude.co.uk/howto-chang…-table-prefix/ Or you can try using this plugin: BlogSecurity
[…] are known, a MySQL injection attack is made easier. If you change the prefix, e.g. with the Prefix Changer plugin, an attacker has to put in considerably more effort to modify database entries. With a […]
[…] already existing installations, the prefixes can be changed afterwards with the plugin WP Prefix Table Changer […]
[…] Change your Wordpress table prefixes. Everyone knows they start with wp_. Stop that! here’s a plugin and additional security resources to help. […]