What is a Database and How WordPress Uses it?
A database is a system of storing and fetching data in an organized way. Database allows software to manage data in a programmable way.
For example: WordPress uses PHP (programming language) to store and retrieve data from the database.
The information stored in a WordPress database includes posts, pages, comments, categories, tags, custom fields, users, and other WordPress settings. We will elaborate on this later in the tutorial when we cover all WordPress database tables.
When you first install WordPress, it asks you to provide a database name, host, username, and password. This information is stored in the configuration file called wp-config.php.
During the installation, WordPress uses the information you provide about the database to create tables and store default installation data inside those tables.
After the installation, WordPress runs queries to this database to dynamically generate HTML pages for your website or blog.
This is what makes WordPress extremely powerful because you don’t have to create a new .html file for each page that you want to create. WordPress handles everything dynamically.
Where is my WordPress database stored?
WordPress uses MySQL as its database management system, which is a software installed on your WordPress hosting server. Your WordPress database is also stored on the same server.
This location however is not accessible on most shared hosting environments. However, if you are on a VPS hosting plan or a dedicated server, then you can use command line tools to locate the database.
Most often it is located at the following path:
However, this could differ from one hosting provider to another.
It is important to keep in mind that you don’t really need to access the database file itself. You can use other tools like phpMyAdmin to manage your database.
What is phpMyAdmin?
PhpMyAdmin is a web-based software that allows you to manage MySQL databases using your web browser. It offers an easy to use interface that allows you to run MySQL commands and database operations.
You can also use it to browse and edit database tables, rows, and fields. It also allows you to import, export, or delete all data inside a database.
How to Access PhpMyAdmin?
PhpMyAdmin comes pre-installed with all top WordPress hosting companies. You can find it under the Databases section of your hosting account’s cPanel dashboard. Below is an example screenshot from Bluehost control panel:
Depending on your hosting provider, your cPanel interface may look different than the above screenshot. You would still be able to find phpMyAdmin icon under the databases section.
Clicking on it will open the phpMyAdmin interface where you can select your WordPress database from the left column. After, that phpMyAdmin will display all tables in your WordPress database.
Let’s take a look at the WordPress database tables.
Understanding WordPress Database Tables
Each WordPress installation has 12 default tables in the database. Each database table contains data for different sections, features, and functionality of WordPress.
Looking at the structure of these tables, you can easily understand where different parts of your website are stored. Currently, a default WordPress installation creates the following tables:
wp_ before each table name is the database prefix you choose during the installation. It can be different if you changed it at the time of installation.
wp_commentmeta : This table contains meta information about comments posted on a WordPress website. The table has four fields meta_id, comment_id, meta_key, and meta_value. Each meta_id is related to a comment_id. One example of comment meta information stored is the status of comment (approved, pending, trash, etc).
wp_comments : As the name suggests this table contains your WordPress comments. It contains comment author name, url, email, comment, etc.
wp_links : To manage blogrolls create by earlier versions of WordPress or the Link Manager plugin.
wp_options : This table contains most of your WordPress site-wide settings such as: site url, admin email, default category, posts per page, time format, and much much more. The options table is also used by numerous WordPress plugins to store plugin settings.
wp_postmeta : This table contains meta information about your WordPress posts, pages, and custom post types. Example of post meta information would be which template to use to display a page, custom fields, etc. Some plugins would also use this table to store plugin data such as WordPress SEO information.
wp_posts : The name says posts but actually this table contains all post types or should we say content types. This table contains all your posts, pages, revisions, and custom post types.
wp_termmeta : This table allows developers to store custom metadata for terms under their custom taxonomies. For example, WooCommerce uses it to store metadata for product attributes and categories.
wp_terms : WordPress has a powerful taxonomy system that allows you to organize your content. Individual taxonomy items are called terms, and they are stored in this table. For example, your WordPress categories and tags are taxonomies, and each category / tag inside them is a term.
wp_term_relationships : This table manages relationship of WordPress post types with terms in wp_terms table. For example this is the table that helps WordPress determine post X is in Y category.
wp_term_taxonomy : This table defines taxonomies for terms defined in wp_terms table. For example, if you have a term “WordPress Tutorials“, then this table contains the data that says it is associated with a taxonomy called category. In short, this table has the data that helps WordPress differentiate between which term is a category, which is a tag, etc.
wp_usermeta : Contains meta information about registered users on your website.
wp_users : Contains user information like username, password, user email, etc.
Managing WordPress Database using phpMyAdmin
Your WordPress database contains important WordPress settings, all your blog posts, pages, comments, and more. You need to be extremely careful when using phpMyAdmin, or you may end up accidentally deleting important data.
As a precaution, you should always create a complete database backup. This would allow you to restore your database the way it was before.
Let’s take a look at how to easily create a WordPress database backup.
Creating a WordPress Database Backup using phpMyAdmin
To create a backup of your WordPress database from phpMyAdmin, click on your WordPress Database. On the top menu, click on the Export tab.
In newer versions of phpMyAdmin, it will ask you for an export method. The quick method will export your database in a .sql file. In the custom method, it will provide you with more options and ability to download backup in compressed zip or gzip archive.
We recommend using the custom method and choosing zip as the compression method. The custom method also allows you to exclude tables from the database.
Let’s say if you used a plugin that created a database table, and you are no longer using that plugin, then you can choose to exclude that table from the backup if you want.
Your exported database file can be imported back into a different or the same database using phpMyAdmin’s import tab.
Creating a WordPress Backup using a Plugin
Keeping regular backups of your WordPress site is the best thing you can do for your WordPress security. While the WordPress database contains the majority of your site information, it still lacks several fairly important elements such as template files, images, uploads, etc.
All your images are stored in the uploads folder in your /wp-content/ directory. Even though the database has the information which image is attached to a post, it is useless if the image folder doesn’t have those files.
Often beginners think that the database backup is all that they need. It is NOT true. You need to have a full site backup that includes your themes, plugins, and images.
While most hosting companies claim they have daily backups, we recommend that you keep backups yourself just in case.
Note: If you are on a managed WordPress hosting solution like WPEngine, then they do create daily backups.
For the majority of us who are not on WPEngine, you should use a WordPress backup plugin to set up automated WordPress backups on your site.
Importing a WordPress Database Backup via phpMyAdmin
PhpMyAdmin also allows you to easily import your WordPress database. Simply launch phpMyAdmin and then select your WordPress database.
Next, you need to click on the ‘Import’ link from the top menu.
On the next screen, click on the Choose file button and then select your database backup file you downloaded earlier.
PhpMyAdmin will now process your backup file upload and import it into your WordPress database. Once finished, you will see a success message.
Optimizing your WordPress Database in phpMyAdmin
After using WordPress for a while, your database becomes fragmented. There are memory overheads which increase your overall database size and query execution time.
MySQL comes with a simple command that allows you to optimize your database. Simply go to phpMyAdmin and click on your WordPress database. This will show you a list of your WordPress tables.
Click on the check All link below the tables. Next to it, there is a “With Selected” drop down, you need to click on it and choose Optimize table.
This will optimize your WordPress database by defragmenting selected tables. It will make your WordPress queries run a little faster and slightly reduce the size of your database.
Fixing WordPress Issues using PhpMyAdmin
As we mentioned earlier, phpMyAdmin is a handy tool for troubleshooting and fixing some common WordPress errors and issues.
Let’s check out some common WordPress issues that can be easily fixed using phpMyAdmin.
Reset WordPress Password Using PhpMyAdmin
If you forgot your WordPress admin password and cannot recover it via lost password email, then this method allows you to quickly reset WordPress password.
First, launch the phpMyAdmin and select your WordPress database. This will display your WordPress database tables where you need to browse next to wp_users table.
Note: Table names in your WordPress database may have a different table prefix than the one we are showing in our screenshot.
You will now see the rows in your WordPress users table. Go ahead and click on the edit button next to the username where you want to change the password.
PhpMyAdmin will show you a form with all the user information fields.
You will need to delete the value in the user_pass field and replace it with your new password. Under the function column, select MD5 from the drop-down menu and click on the Go button.
Your password will be encrypted using the MD5 hash and then it will be stored in the database.
Congratulations! You have successfully changed your WordPress password using phpMyAdmin.
Now some of you may be wondering why did we select the MD5 hash to encrypt the password.
In the older version, WordPress used MD5 hash to encrypt passwords. Since WordPress 2.5, it started using stronger encryption technologies. However, WordPress still recognizes MD5 to provide backward compatibility.
As soon as you log in using a password string stored as an MD5 hash, WordPress recognizes it and changes it using the newer encryption algorithms.
Adding a New Admin User to WordPress using PhpMyAdmin
Let’s suppose you have access to the WordPress database but not the WordPress admin area. While you can change the admin user password, it will prevent the other admin user from using their account.
An easier solution would be to add a new admin user via phpMyAdmin.
First, you need to launch the phpMyAdmin and then select your WordPress database. This will show your WordPress database tables where you need to click on the ‘Browse’ link next to wp_users table.
phpMyAdmin will now show you the rows inside the wp_users table. Go ahead and click on the ‘Insert’ link from the menu on the top.
This will bring up a form that you need to fill up to add a new user to your WordPress site.
Here is how you need to fill each field in this form.
- ID – You can ignore this one as this is automatically generated.
- user_login – This will be your WordPress username that you’ll use to login.
- user_pass – This is your WordPress password you need to enter the password and select MD5 in the function column.
- user_nicename – This is the URL friendly username you can use the as your login.
- user_email – Enter a valid email address as you may need it to recieve password reset and WordPress notification emails.
- user_url – Add your website URL or you can leave it blank.
- user_registered – You need to select the CURRENT_TIME in the function column to automatically insert current time here.
- user_activation_key – You can leave this field blank as well it is used to approve user registeration.
- user_status – You can leave this field blank as well.
- display_name – You can enter the user’s full name as you want to be displayed on the articles. You can also leave it blank.
After filling in the form, click on the Go button to insert it into your WordPress database. PhpMyAdmin will now run the MySQL query to insert the data.
We have added the user, but that user does not have an administrator user role on your WordPress site. This value is saved in another table called wp_usermeta.
Before we can make this user an administrator, we will need to find the user ID. Simply click on the ‘Browse’ link next to wp_users table and you will see a row containing your newly added user with their user ID.
Note down the user ID as you’ll need it in the next step.
Now, let’s open the wp_usermeta table by clicking on the Browse link next to it.
Next, you need to click on the Insert link at the top to add a new row to the table.
You’ll now see a form to enter a new row. This is where you’ll tell WordPress that the user you created earlier has the administrator user role.
Here is how you’ll fill in this form.
- umeta_id – You need to leave it blank as it is automatically filled in.
- user_id – Enter the user ID you copied earlier.
- meta_key – You need to enter wp_capabilities in this field. However, you may need to replace wp_ if your WordPress table names use a different prefix.
- meta_value – You need to enter the following serialized value:
Finally, click on the Go button to save your changes.
Next, we need to add another row to define the user level. Click on the Insert link on the top menu to add another row to the usermeta table.
Here is how you’ll fill in this form.
- umeta_id – You need to leave it blank as it is automatically filled in.
- user_id – Enter the user ID for your newly added user.
- meta_key – You need to enter wp_user_level in this field. However, you may need to replace wp_ if your WordPress table names use a different prefix.
- meta_value – Here you need to enter 10 as the user level value.
Don’t forget to click on the Go button to insert the data.
That’s all, you can now visit the WordPress admin area and log in with your newly added admin user.
Change a WordPress Username via PhpMyAdmin
You may have noticed that while WordPress allow you to change user’s full name or nickname, it does not allow you to change the username.
Now a lot of users end up choosing usernames during the installation that they may later want to change. Here is how you can do this via phpMyAdmin.
Note: there is an easier way to change WordPress username using a plugin.
First, you need to launch the phpMyAdmin from your hosting account’s cPanel dashboard. After that, you need to select your WordPress database.
PhpMyAdmin will show your WordPress database tables. You need to click on the ‘Browse’ link next to wp_users table.
This table will now list all the registered users on your website. Click on the edit link next to the username that you want to change.
PhpMyAdmin will now show you the user data. You need to locate the user_login field and change the value to the username you want to use.
Don’t forget to click on the Go button to save your changes. You can now visit your website and login with your new username.
Other Useful PhpMyAdmin Tricks
Your WordPress database is the engine behind your website. With phpMyAdmin you can tweak settings to improve performance, fix issues, or simply change things that cannot be changed from inside WordPress admin area.
Following are just a few more tricks you can use with phpMyAdmin.
- Deactivate all WordPress plugins
- Change WordPress theme via phpMyAdmin
- Duplicate WordPress database via phpMyAdmin
- Find and replace text in WordPress database
Securing your WordPress Database
Before we get into this, we want to emphasize that every site can be hacked. However, there are certain measures you can take to make it a little harder.
First thing that you can do to is to change WordPress database prefix. This can significantly reduce the chances of SQL injection attacks on your WordPress database because often hackers target sites in masses where they are targeting the default wp_ table prefix.
You should always choose a strong username and password for your MySQL user. This will make it difficult for someone to get access to your WordPress database.
For WordPress security, we strongly recommend that you use Sucuri. It is the best WordPress security plugin that would catch any attempts at MySQL injection even before it reaches your website.