Use a local install of WordPress (use MAMP or WAMP). If you’re not using standard ports and if you’re behind a router that is not DMZ’d (available over the internet), you can fairly safely give out as much detail as you want on your local WordPress install.
Although good security always dictates only share as much information that is needed and no more and only share to those with a need to know.
Thank you for your reply, bemdesign. I don’t want to start off doing a local install because I think that’s a little bit too advanced for the people I am trying to teach.
” only share as much information that is needed and no more ” dictates that I should change the database name.
It must be easy to copy a database in cPanel assign it to a new username and password and then change the wp-config.php and then I can sleep well at night …
Not really a WordPress question, but a good one. Use your video editing tools to blur out the real data, this is accepted practice. Never give them anything real. Ever. If nothing else it gives away some of the patterns you use to pick passwords, and we all have them. The Gentlemen from the Other Firm can be very smart
I would not recommend showing real database information of a real online server, ever. Unless this was prerecorded video tutorial and used a VM instance of a server which was promptly destroyed after recording, and you used completely random usernames and passwords.
And even then I would be fairly paranoid. See mechx1’s response.
Thank you for the feedback. I appreciate your concerns but what’s the difference between blurring out the database name, user and password and changing them later?
I appreciate that there’s still constants that people (The Gentlemen from the Other Firm) to latch onto like prefixes, for example. But the password, for example, is completely random as are the username and database name (apart from the prefixes).
Changing them is better than blurring. There are methods to unblur images and video to see the underlying information and I would not rely on it as a way of obfuscating things. But not using a live, on-the-web server would be even better.
Just make sure that you change stuff prior to posting the video. If you post the video and you haven’t changed things, you’ve greatly increased the risk of an attack. But I think you know that! 🙂
Thanks bemdesign. Understood.
