1. Home
  2. Knowledge Base
  3. Security
  4. How to change Remote Desktop (RDP) Port?
Searching...

How to change Remote Desktop (RDP) Port?

To strengthen security and majorly reduce the hacking attempt, we must change the RDP default port from default to any other. So, In this article, you will learn about: How to change Remote Desktop (RDP) Port?

1. Login to Windows VPS → Start → Search and open “regedit

search for regedit

OR

Login to Windows, open Run using Windows + R → Type, and run Regedit.

2. Once you open the “Registry Editor“, Navigate to HKEY_LOCAL_MACHINE → SYSTEM → CurreentControlSet → Control → Terminal Server → WinStations→ RDP-Tcp.

how-to-change-remote-desktop-port

3. Now, Right-click on the PortNumber → Click on Modify.

click-on-modify-change-port-number-windows

4. Select Decimal, Add the custom RDP Port in “Value data:” and click on OK.

how-to-change-rdp-port

You can use a port number between 1025 and 65535; which is not in present use.

Once we configure the Port within Registry Editor, now we need to add that custom port in Firewall to make it work. To do that, follow the below steps,

5. Login to Windows → Search & Open Windows Firewall with Advanced Security.

select windows firwall with advanced option

6. Navigate to Inbound Rule.

Allow Incoming Connections Of Program From Windows VPS / Server Firewall

3. Click on New Rule.

click-on-new-rule-inbound-rule

7. In Rule Type, select “Port” → Next.

select-port

8. In Protocol and Ports, select TCP and specify the custom RDP port → Next.

navigate-to-protocol-and-ports-firewall

5. In the Action tab, select “Allow the connection” or “Allow the connection if it is secured ”  Next.

Allow the connection: This includes connections that are protected with IPsec as well as those that are not.

Allow the connection if it is secure: This includes only connections that have been authenticated by using IPsec. Connections will e secured using the settings in IPsec properties and rules in the Connection Security Rule node.

action-section-how-to-allow-echo-request-in-windows-firewall

9. In the Profile tab, you need to select the below options and click “Next“,

Domain: This applies to when the computer connected to the corporate domain.

Private: This applies to when the computer connected to the private network.

Public: This applies to when the computer connected to the public network.

profile-allow-ping-in-windows

10. In the Name section, you need to specify Name for your Custom Rule → Finish.

name-your-custom-rule-allow-ping

OR

You can add the Port in the firewall using the following command in CMD (Command Prompt).

netsh advfirewall firewall add rule name="TCP Port 1234" dir=in action=allow protocol=TCP localport=1234

11. Finally, reboot the windows server to implement the changes.

restart-windows-server-start
Updated on October 24, 2021
Tagged:
Need Support?
Can't find the answer you're looking for? Don't worry we're here to help!
CONTACT SUPPORT