Getting onto the web with WordPress is quick and easy, especially if you use quick-install program like Fantastico. However, using a quick-install program can make it easy for hackers to attack your site.
There are a few things you can do to help clean up a quick install though.
Create Salts and Keys
Go to https://api.wordpress.org/secret-key/1.1/salt to generate your salts and keys. Just copy and past the new salts and keys and place them in your wp-config.php file.
Create a New Admin User
With certain quick install programs, it creates an admin user for you with the username of “admin.” Hackers know this and it makes it really easy for them to break into your site.
Begin by logging into your site as the “admin” user. Create a new user and give them administrative rights. Logout of the site and log back in as the new user you created. Now delete the user with “admin” for the username.
Another good idea would be to change the way your new admin username is displayed. If, for example, your new username is “Jon” and that displays on your post, hackers know that your username is probably “Jon.” If you set it to display your full name, “Jon Doe,” it makes it a little more difficult for them to figure out what your username may be.
Change Your Table Prefixes
Changing your table prefixes manually is relatively involved. However, it helps to improve the safety of your site as all quick installs of WordPress create tables with the prefix “wp_.”
We do NOT recommend you change your table prefixes manually unless you have advanced experience with databases!
To change the table prefixes manually, you’ll go into your wp-config.php file and change your table prefix to something new. You’ll then need to log into your server’s cPanel and into your MySQL database. You’ll have to change the name of every table associated with your site.
You’ll then need to run queries in the options table and the usermeta tables:
SELECT * FROM w3pp_options WHERE option_name LIKE ‘%wp%’
SELECT * FROM w3pp_usermeta WHERE meta_key LIKE ‘%wp%’
Any data these queries return will need to be changed to the new prefix you’ve created.
Don’t have the advanced database skills to change your table prefixes manually?
Don’t panic! There is an easier solution!
You can also change your table prefixes using BackupBuddy.
You’ll start by creating and downloading a Database Only backup of your site along with downloading importbuddy.php. You’ll then want to create a new database for the site. Creating a new database allows you to access your original database tables if you need to revert to the original if something goes wrong.
From there, you’ll use your database backup and importbuddy.php to recreate your site. One of the last steps (step 4 out of 6) in the BackupBuddy process will ask for your database information and will allow you to create a table prefix of your choosing.
Again, there are a number of things you can do to clean up a quick install of WordPress, or even just an old install of WordPress.
The suggestions here are a good way to start, but be sure to check out the premium WebDesign.com webinar, Fixing WordPress Installations, for more ideas on how to clean up your site.