How to Change Your Server SSH Port

Nmap banner with popular features
Source: Nmap.org

Have you ever tried any basic port scanning with Netcat, Nmap, and Telnet against your server or local network? If so, you know how easy it can be to check for open ports and accompanying services. And anyone can search how to find port numbers in cPanel software.

Social engineering is being used more for more sophisticated cyber attacks that bypass cybersecurity measures. But many cyber attacks are still automated scripts that primarily target attack systems with common misconfigurations and default, insecure settings.

You must have root access on a cloud server or managed VPS or dedicated server to complete the steps below.

Port 22 is the default SSH port and it’s open by default. Changing your server SSH port can protect you from a lot of less sophisticated attacks. If you’re a cPanel administrator with root WebHost Manager (WHM) access, you should disable SSH access for cPanel accounts that don’t need it.

Below we cover how to change your server SSH port.

Before continuing, create a server backup or snapshot in your Account Management Panel (AMP).

Change Your Server SSH Port

Before you begin, ensure the new port number you plan to use isn’t already used by another service on your server. The quickest method is to type yourdomain.com:9999, replacing the number with your preferred new SSH port.

If you get locked out of your server, you may have to flush your firewall rules in AMP to regain access.

  1. SSH into your server as root
  2. Open the port in your server firewall (e.g. Firewalld and ConfigServer Security & Firewall)
  3. Edit your SSH configuration file:
    sudo nano /etc/ssh/sshd_config
  4. Edit the line #Port 22 to your preferred port number and remove the #, for example:
    Port 8398
  5. Restart SSHD:
    systemctl restart sshd.service
  6. While your current SSH session is still open, log into the server with a new terminal session using the new port to confirm it works
    ssh user@example.com -p 9999

If you have any issues, you may need to ensure the port is open on your local network or workstation.

Secure your web solution with our Debian Cloud Server Hosting.

Was this article helpful? Let us know!