How to Install Wordpress and Secure the Database

Description

Shared by: Ian72gmx

Tags

Wordpress, Security, MySLQ database

Stats

views:: 14
posted:: 8/5/2011
language:: English
pages:: 2

Public Domain

Document Sample

							Yes Loz,.. this is a fact that many hosts and Fantastico dont keep up to
date with the latest Wp version install. The problem with installing
yourself is the time it takes to upload and then to manually set up the
configure.php parameters such as WP database prefix user names and
password,.. and then need to manuallu set up a database. There is a
security issue regarding the standard databse tables prefix of "wp_" that
fantastico sets up by default, so in order to rectify this I follow a
simple procedure.

   1. Use fantastico for the intsall set up
   2. Go to your WP admin panel and clcik the "upgrade to latest version
of WP" link at the top of your dashboard. It will warn you to do a backup
of database and file but theres no need as this is an empty install at
this stage,.. so go ahead and click "upgrade automatically"
   3. Go to "settings/Privacy" and make sure your install is set up to
"allow search engines and Technorati to find your blog"
   4. Go to your MySQLmyadmin and download a copy of your database tables
(if you have no experience with this just Google "how to export mySQL
database")
   5. When you have the .txt file of your database tables saved to your
desktop open it up using Microsoft Word doc and click on the search
(binoculars icon) in the bottom right corner of your browser. Select the
"replace" tab and then "advanced" and in the "find" window type in this
(wp_) without brackets, then in the replace window type in something
individual that hackers wouldnt be looking such as (fxt7D_) without
brackets. then in the advanced options select "match case" and "match
suffix" and then click "go". In about 2 seconds it will replace all 55
instances of "wp_" with "fxt7D_". You now need to save it,.. make sure
that you save it as a UTF-8 language code, and name it "fxt7D-database"
so you can recognize it from the original. Next go to phpmyadmin and
select the database that was installed by fantasticol. Select all tables
using the "select all" checkbox and the in the window at the bottom right
select "truncate" from the menu (this will empty the existing tables).
Then click the "import" tab for the newly installed database and select
your fxt7D_ file from the "browse" file uploader,.. and click "go". you
should get a dialogue box telling you that you've successfully imported
the new file to the database.
   6. Using your ftp client open up the wordpress files on your server
for the domain concerned and then open up "configure.php". Find the line
(should be around line 56) that says $table_prefix = 'wp_';
      and replace 'wp_'; with your new prefix 'fxt7D_'; then press save.

Thats it,.. you're all done. If this was done successfully you now have
the latest version of WP installed, with a unique WordPress Database
Table prefix that makes it secure. Search engines will also be able to
find you now.
For added security you should to "users" in you WP admin file and add a
new administrator "Spiderman" (anything other than "admin") and select a
unique and complex password that yopu can remember. Set user name to
display as anything you like (including "admin") as this is what will be
displayed when you make posts and comments on your blog. Once set up,..
erase the original default "admin" user profile as this can be a security
issue because hackers usually assume an "admin" user name and then use
software to guess/hack your password.... if they are successful its " bye
bye blog".
I realize for many warriors this is old news but for any that it presents
as a new challenge... if you get stuck feel free to PM me
Russ