ShopVPS247.com – Providing genuine cheap VPS
VPS Security Enhancement Guide
Method 1: Change the default port of the Remote Desktop service
- The default port of Remote Desktop is 3389 .
- You switch to using any port (should be between 1000-65000 and need to avoid default ports)
- In this tutorial I will try with port 36868 .
Note: Script only works with Powershell , CMD will not work.
Step 1: Open Powershell
- Press Win+S key combination to open Search.
- Type powershell in the search box, right-click or press and hold on Windows PowerShell in the search results at the top and click Run as administrator .
Step 2: Replace 36868 with the port you want. Copy the command line and go to the PowerShell window then right-click.
$newRemotePort = 36868
netsh advfirewall firewall add rule name="Remote Port" dir=in action=allow protocol=TCP localport=$newRemotePort
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Terminal*Server\WinStations\RDP- TCP\ -Name PortNumber $newRemotePortshutdown /r /t 0
Write-Warning "OK"
* Note:
- After running the command, wait about 30 seconds for the VPS to restart.
- Then you can log in with the new port . (If you only enter the IP without the port, you will not be able to connect to the VPS).
- Re-login to VPS with new IP+Port in the format IP:port
- For example: VPS 113.99.99.99:36868 where 113.99.99.99 is IP, 36868 is port.
Method 2: Change the default Username of the Remote Desktop service
- Change login Username (Default when creating a new one is Administrator ).
- Similar to above, run the following code and wait for the Server to restart.
- Replace Shopvps247 with the name you want (No accents, no special characters, no spaces).
$newName = ' Shopvps247 '
(Get-WMIObject Win32_UserAccount -Filter "Name='$env:UserName'").Rename($newName)
shutdown /r /t 0
Write-Warning "OK"
- If you want to change both and only have to restart the server once, run this command ( remember to save the new Port and username, if you forget you will have to reinstall the operating system ).
$newRemotePort = 36868
$newName = ' Shopvps247 '
netsh advfirewall firewall add rule name="Remote Port" dir=in action=allow protocol=TCP localport=$newRemotePort
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\Terminal* Server\WinStations\RDP-TCP\ -Name PortNumber $newRemotePort
(Get-WMIObject Win32_UserAccount -Filter "Name='$env:UserName'").Rename($newName)
shutdown /r /t 0
Write-Warning "OK"
Method 3: Install the latest operating system
- Currently, Windows server versions from 2012 R2 and earlier are very vulnerable to hacking.
- We recommend you use Windows Server 2019 for the best security.
- Here are the security levels of windows server and windows versions:
Windows Server 2019 - Best choice
Windows Server 2016 - Recommended
Windows Server 2012 R2 - Average, easy to hack via remote port
Windows Server 2008 R2 - Not recommended, very easy to hack.
Windows 10 Pro - Good but not optimized for Servers
Windows 8 Pro - Not optimized for Servers
Windows 7 - Not optimized for Servers
* After completing all 3 steps above, you can rest assured when using VPS without fear of being hacked anymore and don't forget to secure your personal computer and equip it with good anti-virus software.
Thank you for using the service at Shopvps247.com!
