this post was submitted on 04 May 2026
10 points (66.7% liked)

Technology

86364 readers
3282 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] MimicJar@lemmy.world 1 points 2 months ago

I'm not a SQL wizard and I'm typing from my phone but couldn't you just do something like,

select name from sys.tables where name like 'wp%users'

To get the table of WordPress users, then do whatever bad things you want to it?

I get that that's an extra step, and I suppose in the example even though "best practice" is to add random characters, if everyone knows that, then best practice for bad people scripts would probably be to add an extra query.

But my real point is more about adding obfuscation for your developers and server owners. If you're making their jobs harder for no benefit, is it a good change?

I also wonder about adding obfuscation and it causing issues when debugging.

I think adding obfuscation is fine, but it's important to be careful when it comes to your developers and debugging.