How To Change Default Port (3389) In RDP Server?

By default, Remote Desktop Protocol (RDP) uses port 3389 to communicate with the Windows VPS. Changing the default RDP port can add an extra layer of security to your VPS by making it harder for potential attackers to locate your server.

How should I connect to a remote computer?

To connect to a remote computer, you will need to follow these steps:

1. 1. Turn the remote computer on.
   2. Connect it to a network.
   3. You need to Enable Remote Desktop access in your operating system.
   4. You also need to have connection permission on the list of users.

How to change the Remote Desktop port in Windows VPS?

Since the Default port 3389 is well-known, it can be used to attack servers. To prevent this from happening, we need to change the port for RDP.

Steps To Change RDP Port

1. 1. Choose a PortNumber
   2. Add it to the firewall
   3. Change the Port in The Windows Registry Setting
   4. Connect to the server
   5. Choose a PortNumber

Step 1- How Can Choose a PortNumber?

It is better to choose a system port between (0-1023), and a user port between (1024-49151), and the result will be an RDP PortNumber between the range (49152-65535).  You can also find a number between (1024-49151).

Note: The new PortNumber in this topic is 6985, and we would like you to make note of it.

Step 2 – How Can Add the New PortNumber to The Firewall?

If you are using Windows Firewall, you should now open the PortNumber you have chosen in that firewall. The firewall will then accept the connection to your chosen port.

To let a process work through a port, the firewall on the Windows virtual private server must be opened. Ports are the gateways for server input and should be monitored regularly. The server should also contain the required ports due to the possibility of an unauthorized user gaining access to the server.

Different operating systems use different firewalls to manage ports. This is something that is done by the Windows built-in firewall in the case of Windows VPS.

3 – How to open a port on the Windows VPS

We have 3 ways to do this in the Windows VPS firewall:

1. 1. Windows Firewall GUI (Graphical User Interface)
   2. CMD (Command Line)
   3. Windows PowerShell

If you have not opened your VPS/RDP port in the firewall of your server, you can do this by following the tutorial on How To Open A Port On The Windows VPS Firewall.

View and then come back otherwise, we can continue the post together.

3.1 – How Can Change the PortNumber The Windows Registry Setting

1 – You need to change the PortNumber in the registry setting once the port has been opened in the firewall. To do this, you must open the RUN window using the Windows key + R and type Regedit, and click OK. Once you reach the new window, navigate to the following path:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

2 – Click RDP-TCP, find the PortNumber on the right, and double-click it. Ensure the Base is set to decimal and the 3389 number is changed to the PortNumber that you wish to use. Click on OK to complete the process.

3 – If you encounter any problems connecting to your RDP server using this method, try closing the registry and restarting your server.

3.2 – CMD (Command Line)

First, be sure you are connected to VPS

Press ( Windows key + R ) and type CMD and click on ok.

when cmd opened then type regedit
you can change the port with this roadmap:

“HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /v PortNumber /t REG_DWORD /d”

at the end close the reg editor and restart the RDP services.

3.3 – Windows power shell

also, you can change RDP’s port number by using Windows Powershell with these comments.

3.1 – first, open the Windows search box ( Windows key  ) and write Powershell

3.2 – to add a new port number by using:

Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp’ -name “PortNumber” -Value 6985

3.3 – Then Add a Firewall Rule to open port 6985 on the Public profile using Powershell:

New-NetFirewallRule -DisplayName ‘RDPPORT_TCP’ -Profile ‘Public’ -Direction Inbound -Action Allow -Protocol TCP -LocalPort 6985

3.4 – Repeat to open UDP port 6985

New-NetFirewallRule -DisplayName ‘RDPPORT_UDP’ -Profile ‘Public’ -Direction Inbound -Action Allow -Protocol UDP -LocalPort 6985

3.5 – Restart RDP services from Powershell

Restart-Service -Force -DisplayName “Remote Desktop Services”

Conclusion:

Changing the default RDP port is a simple process that can be completed in just a few steps. By changing the default port, you can increase the security of your server by making it more difficult for attackers to find and exploit vulnerabilities. However, it’s important to remember that changing the default port will not provide complete protection against attacks, and additional security measures such as strong passwords, firewalls, and regular security updates should also be implemented.