# RDP Change - Manually {% hint style="info" %} **Why should I change the RDP port on my server?**\ The default RDP port of all Windows Servers is 3389, bad people know of this number so they will try to brute force the login information of the machine. Sometimes setting a strong password just isn't enough. Changing the RDP port and banning IPs that try to brute force using our tool helps a great amount. Read more about this [**here**](https://docs-servers.zesty.group/security/rdp-security-why). {% endhint %} {% hint style="danger" %} Do this on your server, not on your home computer. {% endhint %} ## MANUALLY CHANGE **IF YOU USE THE ZESTY TOOL, YOU WON'T NEED TO FOLLOW THE STEPS BELOW** Pick a port you want for your new RDP (default is 3389, you don't want this).\ You may use any port from 1-65535. \ This excludes ports 20, 22, 25, 80, 345, 443. \ Use a random 5 digit number **you can memorize** or generate a random port and memorize/save it: \ We recommend any 5 digit port. We will need to unblock the port you choose first so let's get started, open up **Windows Firewall with Advanced Security** and click "**New Rule...**" on the *right hand side*. ![](/files/-M14_EeP4qxwKEHVgbme) Leave the port as a TCP Port and the input the specified local port as the port you want to use for your RDP connections. \ We've chosen 3385 in this example. ![](/files/-M14_Lgvw0eCLEiNklyb) Make sure you tick **Allow the connection** for this step and then make sure all check boxes are checked for the next step. ![](/files/-M14_ePvuOtDDDjmbCAN) ![](/files/-M14_hNVzlb33kknJ2k-) When naming, you want to choose something easy to remember just in case you ever want to change the RDP port. ![](/files/-M14_y8gM84yO1fQj8DE) Now we're going to actually change the RDP port inside of the registry editor. Start **Registry Editor**. ![](/files/-M14V5ehrr58hAfjHyzb) ## VERY IMPORTANT SECTION (Read Everything) Locate and then click the following registry subkey: **HKEY\_LOCAL\_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber**\ \ You want to navigate your way through regedit until you have the file **RDP-Tcp** selected, then you will be able to scroll down and find **PortNumber** on the right hand side. On the **Edit** menu, click **Modify**, and then click **Decimal**. Make sure you click Decimal **BEFORE** you change the value. \ \ We cannot stress this enough, change the option to **Decimal, VERY IMPORTANT!** ![](/files/-M14VA361H6WDSsM48VB) Type the new port number, and then click **OK**. Save the port somewhere safe so you don't forget it. Restart/reboot the computer and you're good to go. ![Once it prompts you for a reason, just choose: Other (Planned). ](/files/-M14pAjW6H3-_IUomLiI) Please note when you're connecting to RDP with a new port, you will need to enter the port while connecting. ![123.123.123.123 is an example IP with an example port of 8853. ](/files/-M14XcpUKa6J1ps4b2p7) ![tester-01.va.zesty.host is an example IP with an example port of 8853. ](/files/-M14XmWH7FwmtvHGpRdR) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs-servers.zesty.group/security/rdp-change/manual.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.