Don’t be a sucker. The easiest way to give a hacker a head start on your Joomla installation is to use the default table prefix for your database. In the 1.5 days, the installation process always defaulted to “jos_”, but nowadays, I think they’ve eliminated this security risk by generating a unique prefix for you.

Nonetheless, there’s still loads of sites running Joomla! 1.5.. If you’re one of them and you’re using the default “jos_” table prefix in your database, I would recommend you give this script a run. Better safe than sucker.

To Use

1. Copy the below script to a file named renamer.php and upload it to the root of your Joomla installation.
2. Substitute the “new_” in the second line with your preferred prefix, i.e. “xyz_”.
3. Run it by going to http://www.yoursitenamehere.com/renamer.php and wait until it responds with an OK, usually after a couple of seconds.
4. Delete the renamer.php script. FOR REAL, THIS IS IMPORTANT.
5. Edit your configuration.php file to reflect the new prefix.  Find the line starting with var $dbprefix. It should look like this:

   var $dbprefix = 'jos_';
   

6. Replace the old “jos_” prefix with your new prefix, i.e. the one used in the second line of your renamer.php script.

<?php
$new_prefix = 'new_';
require_once 'configuration.php';
$config = new JConfig;
$con = mysql_connect($config->host, $config->user, $config->password);
if(!is_resource($con)) die('Error connecting to db');
$test = mysql_select_db($config->db, $con);
if($test===false) die('Error connecting to db');
$prefix = $config->dbprefix;
$sql = "show tables where `Tables_in_{$config->db}` like '{$prefix}%'";
$res = mysql_query($sql);
while($row = mysql_fetch_array($res))
{
    $old = $row[0];
    $new = $new_prefix . substr($old, 4);
    $temp = mysql_query("RENAME TABLE `$old` TO `$new`");
    if($temp === false) die(mysql_error());
    mysql_free_result($temp);
}
mysql_free_result($res);
mysql_close($con);
echo "OK";
?>