To strengthen security and majorly reduce the hacking attempt, we must change the RDP default port from default to any other. So, In this article, you will learn about: How to change Remote Desktop (RDP) Port?
1. Login to Windows VPS → Start → Search and open “regedit“
OR
Login to Windows, open Run using Windows + R → Type, and run Regedit.
2. Once you open the “Registry Editor“, Navigate to HKEY_LOCAL_MACHINE → SYSTEM → CurreentControlSet → Control → Terminal Server → WinStations→ RDP-Tcp.
3. Now, Right-click on the PortNumber → Click on Modify.
4. Select Decimal, Add the custom RDP Port in “Value data:” and click on OK.
Once we configure the Port within Registry Editor, now we need to add that custom port in Firewall to make it work. To do that, follow the below steps,
5. Login to Windows → Search & Open Windows Firewall with Advanced Security.
6. Navigate to Inbound Rule.
3. Click on New Rule.
7. In Rule Type, select “Port” → Next.
8. In Protocol and Ports, select TCP and specify the custom RDP port → Next.
5. In the Action tab, select “Allow the connection” or “Allow the connection if it is secured ” → Next.
Allow the connection: This includes connections that are protected with IPsec as well as those that are not.
Allow the connection if it is secure: This includes only connections that have been authenticated by using IPsec. Connections will e secured using the settings in IPsec properties and rules in the Connection Security Rule node.
9. In the Profile tab, you need to select the below options and click “Next“,
Domain: This applies to when the computer connected to the corporate domain.
Private: This applies to when the computer connected to the private network.
Public: This applies to when the computer connected to the public network.
10. In the Name section, you need to specify Name for your Custom Rule → Finish.
OR
You can add the Port in the firewall using the following command in CMD (Command Prompt).
netsh advfirewall firewall add rule name="TCP Port 1234" dir=in action=allow protocol=TCP localport=1234
11. Finally, reboot the windows server to implement the changes.
