Table of contents
Written by:
Martin Barrett
Last Updated:
Where Does LearnDash Store Its Data (1)

Where Is Learndash Data Stored

LearnDash has helped thousands of people put their expertise to work in the online sphere, so it’s a small wonder you’re considering using it yourself to commercialize your knowledge and make a supplemental income (possibly a primary income if things go well).

Using the new LearnDash site, you can create a fully fleshed-out online learning management system in record time, ensuring you can start amassing pupils ASAP.

But you’re right to learn a bit more about Learndash data storage policies before you dash into anything drastic.

Once you have students, you will be responsible for the safe storage of their data, so the software you use must have airtight storage and privacy protocols in place, which is why today, we’ll be discussing that where is Learndash data stored.

What Is LearnDash?

If you’re an expert in your field and you’re trying to monetize your knowledge and experience, curating an online learning platform is a fantastic way to do it! 

There are of course several huge names in this industry (Coursera, Skillshare, etc), but if you’re able to offer something more specialized, you can carve out a cozy niche for yourself in the online learning sector. The question is, how do you do it?

You may be a black belt botanist, a guitar god, or an SEO sensei, but that doesn’t mean you know how to create an online learning platform that facilitates a streamlined and rewarding user experience, unless that is, you receive a helping hand — Enter LearnDash!

In (over) simple terms, LearnDash is just a plugin for WordPress admin, but it does so much more than the average plugin you’re used to dealing with.

LearnDash takes a regular old WordPress site and transforms it into an articulate learning management system, enabling you to create and sell the entire course, track learner course progress, doll out certificates to your smarty pants subscribers, and tons more. Check out our LearnDash Course Builder Review.

Why Secure Data Storage Is Important In Online Learning

No one wants their private information to fall into the wrong hands, especially if bank details make up part of said private information; however, the secure storage of user data in online learning isn’t just a matter of privacy, but of value. 

People are paying money to enroll in your Learndash courses, and they expect a certain degree of quality in the product they’re buying, not just in the course content of all the courses, but how the entire platform is run.

For example, let’s say a student has been working hard to complete one of your courses or quizzes, then, all of a sudden, their progress is lost; they’re not going to be all too happy and will likely take their custom elsewhere.

Online learning is a highly competitive industry, so as well as delivering quality content, you have to refine the user experience overall, and secure storage is a big part of that.

Where Is LearnDash Data Stored?

When you download the LearnDash plugin, it adds a few rudimentary elements to your WordPress site, the very basic facilities that enable you to run and manage an online educational platform.

This, of course, means there will be a lot more data flying around, data that needs to be collected and stored somewhere safe, but where?

Well, you may be happy to hear that neither your nor your student’s data goes anywhere — Everything stays right there in the WordPress security ecosystem. In the words of the folks over at LearnDash:

“All LearnDash data is stored within the same database used to run WordPress. LearnDash does not … connect to any external data sources to retrieve or store data”.

Is It A Good Thing That LearnDash Uses The WordPress Database?

Now, I know some will be wondering why data staying within WordPress is a good thing, so let’s break it down.

Third-party data storage facilities may be an awesome way to process tons of data, but, ultimately, this is just adding another element to the management pipeline that could potentially go wrong.

If these facilities start seeing some problems, such as leaks or failed backups, you’ll have some serious issues on your end too.

However, with everything taken care of within WordPress itself, your management pipeline remains nice and compact, reducing the chances of data-based catastrophe.

Put simply, you’re less reliant on outside sources to keep your venture running smoothly, which is always a good thing provided the internal storage facility is protected by adequate security protocols.

So, let’s check out what safeguards WordPress has run behind the scenes.

Are WordPress Databases Secure?

WordPress does its due diligence where data security is concerned. Each and every one of their user-built sites is SSL (Secure Sockets Layer) encrypted, meaning all interaction between users and servers is mutually authenticated using digital signatures.

Consequently, successful attempts to hack into the WordPress database or intercept information in transit are highly unlikely, but SSL doesn’t give a site comprehensive coverage, which is why WordPress doesn’t stop there.

They run numerous firewalls to filter out unauthorized attempts to gain access to any WordPress site, ensuring no one can sneak in the virtual front door, so to speak.

They also have a robust monitoring policy in place that involves constantly analyzing the web traffic to catch out suspicious activity.

Of course, cybersecurity is in a perpetual arms race with cybercrime, so site hosts must constantly update their security protocols, and that’s precisely what WordPress does.

Regular security checks are standard, and any vulnerabilities will be reinforced as soon they’re discovered.

What’s more, they offer a “bug bounty program” that rewards people for discovering and reporting bugs in the system, meaning internal security issues are handled promptly.

And best of all, WordPress backs up every bit of site data regularly just in case of emergency.

For instance, let’s say that a power failure or natural disaster triggers widespread data loss… no problem. WordPress just fetches the backup and viola; everything is back on track — Hooray!

Pair this with your daily backing up of your WordPress site, and the chances of losing even a byte of data are slim to none. So, in summation… yeah, the WordPress database is pretty dang secure.

Where Is Learndash Data Stored

Where Within The WordPress Database Does LearnDash Store Data?

LearnDash operates out of two database tables within the greater WordPress database. Table one is labeled wp_learndash_user_activity, and it comprises all information about the Learndash course, activity type, lesson, user quiz data/topic, and timestamps for video lessons.

Table number two is labeled wp_learndash_user_activity_meta, and it’s concerned with all meta information that corresponds with the information in the first table.

These tables are linked by an activity_id field that connects the primary activity row of the database to the meta-activity rows, allowing for the organized storage of correlated data such as scores, points, steps, etc.

LearnDash uses a few other tables to smooth out functionality, including wp_postmeta, wp_posts, wp_usermeta, and wp-users, but only the tables detailed above are used for long-term data storage.

What Happens To The Data Of A Deleted User

While there’s understandably a lot of focus on data retention in the field of cybersecurity, there are a few instances when you want a lot of data to disappear fast.

For example, when a user cancels their subscription to your learning platform, most of the info logged about them is no longer useful. You might need a few bits and bobs for general platform performance analysis, but that’s it. 

And what if you yourself decide to call it quits and delete your WordPress-hosted educational platform? You don’t want all your details floating around in cyberspace, so let’s take a look at how LearnDash and WordPress handle deleted users and sites.

  • Firstly, if you delete a user, i.e. one of your students, WordPress relays the information to LearnDash, and all the metadata associated with that user is wiped from the database. 
  • Secondly, if you delete your WordPress site, the data is erased for good, which is why it’s impossible to reactivate a site or account after it’s been given the boot. 

Where Does LearnDash Store Customer Data?

The only information LearnDash doesn’t store within WordPress is the data about your dealings with them regarding payment for their services, but, thankfully, they pride themselves on a secure checkout and a transparent data storage policy.

All payments are processed using a GDPR-compliant, third-party shopping cart, and you can request that all your consumer records be completely erased by emailing their customer service team at

What You Can Do To Strengthen WordPress Data Security

As is always the case with online security, some of the onus falls on the user to stay safe, and there are plenty of ways you can boost the security of your WordPress site to protect both you and your students.

Choose A Strong Password

Your password is both the lock and the key to your WordPress account and sites, meaning it’s both an essential security feature and the biggest weak spot in your cyber defenses.

If someone with malicious intentions figures it out, it’s game over, but you can prevent this from happening by choosing a strong password.

The trick to creating a robust password is mixing lots of randomness with a little memorability.

Or if you want to lean completely into the random side of things to make your password as adamantine as possible, you must note it down somewhere and store this note in a secure location, such as in a safe.

Forget about using any birthdays, pet names, or anything that has any anchor of logic. Numbers should be in no discernible pattern, and you should try to avoid using full words too.

Having said that, passphrases made up of a sequence of totally random words are known to be quite effective, but it’s still best to use a variety of different characters to achieve what I’d call orchestrated chaos. 

WordPress allows you to use letters, numbers, and special characters so you can make truly impenetrable passwords that no one would ever guess in a million years.

Log Out When Your Account Isn’t In Use

If you’re working on a shared or public computer and you forget to log out of your WordPress account, you’re essentially inviting cyber ne’er-do-wells to waltz on into your account, cause havoc, and misuse private data.

Even if you only ever access your WordPress account via your phone or laptop, it’s a good idea to log out after each use in case of theft.

Not sure how to log out of WordPress? It’s simple — Just click on your Gravatar in the top-right corner, then select “Log Out” from the drop-down menu.

Utilize Custom User Roles

WordPress allows you to sort users of your account into the following categories:

  • Contributor — Can only write draft posts
  • Author — Can only publish their posts
  • Editor — Can edit and post all user posts as well as manage comments, tags, and categories
  • Administrator — All-powerful. Can delete the site if required

By handing out only essential power based on the person’s role within your site, you can keep local security risks to a minimum. Only ever grant higher site access to those you can trust.

Be particularly discerning when inviting an administrator on board, as they’re essentially another you.

They can do everything you can do on your site, including analyze data, so be sure they’re a trustworthy individual and that you genuinely need them to have comprehensive site access to reach your goals.

Final Thoughts

Not only is LearnDash one of the premier LMS plugins on the market, but they take data security extremely seriously too, which gives their service an edge over a lot of their competitors.

To reduce weak links in data storage and recovery, they keep all user information within the WordPress ecosystem, a database secured by SSL encryption, perpetual backups, and a stringent traffic monitoring system.

The only data that LearnDash stores outside the confines of WordPress are your customer records, which you can have deleted at your leisure — Pretty neat, huh?
Check out LearnDash for yourself, here!

The internet is a brilliant platform for people to teach, allowing you to host or receive lessons from all over...
Thinking about producing a digital learning course page? You may want to consider using LearnDash.  LearnDash is an LMS (Learning...
A well-liked WordPress LMS plugin called LearnDash is suitable for both major academic institutions and lone course makers, as well...
Course creation is a market that has seen a huge rise in popularity in recent years – and for good...