Support » Fixing WordPress » Fixing WordPress database, any security vulnerabilities?

  • Hi,
    As a precaution I recently checked if my database had any errors.
    I’ve found that I can use a ‘native’ WordPress function to do so.
    In wp-config.php I added:
    define(‘WP_ALLOW_REPAIR’, TRUE);

    Then I went to domain.com/wp-admin/maint/repair.php in order to check for database errors. All seemed fine, however I forgot to remove the line in wp-config.php. Therefore the repair page has been accessible for unauthorized users, for about 24 hours.

    My question is if this exposed any security vulnerabilities for hackers to mess with my database?

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steve Stern

    (@sterndata)

    Support Team Volunteer

    No, though it does allow folks to “beat up” your database, so that option should not be enabled unless needed. Also, if you DO need a DB repair, it’s better to do it through PHPMYADMIN rather than WP.

    Hi,
    Thanks for getting back.
    ‘Beating up’ meaning using resources?
    I only wanted to check if any tables needed to be fixed, is the WordPress repair function adequate for doing that?

    Moderator Steve Stern

    (@sterndata)

    Support Team Volunteer

    Yes, using resources.

    I have seen the internal WP repair functions fail, which is why I recommend using PHPMYADMIN or MySQL from the command line to repair databases, when needed.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Fixing WordPress database, any security vulnerabilities?’ is closed to new replies.