search
HomeOperation and MaintenanceWindows Operation and MaintenanceWin2008 R2 WEB Server Security Settings Guide - Detailed explanation on how to modify port 3389 and update patches

This article mainly introduces the Win2008 R2 WEB server Security Setting Guide to modify the 3389 port and Update patch, friends in need can refer to the

3389 port It refers to the remote desktop port in the Windows system. You can use it to manage remote computers just like operating a local computer, but it is also easy to be used by some hackers, so I must modify this port and install it in Modify the system immediately after completing it.

With the popularity of cloud hosts and Microsoft's vigorous updates, more and more people are using Windows Server 2008 R2 as a web server, and its powerful performance and operability have been well received. There are even more virtual host vendors selling win2008, so today I will talk about how I set up the security of the Win2008 server. I hope it can help everyone. Let’s stay away from broilers together. . .

A journey of a thousand miles begins with a single step. You must have a server with the Windows Server 2008 r2 operating system installed, otherwise it is just talk on paper. We recommend Tianyi Cloud, Alibaba Cloud, and Tencent Cloud. You can first take a look at the domestic cloud host comparison. Tianyi Cloud/Alibaba Cloud/Tencent Cloud have a brief understanding. I am currently using Tianyi Cloud host. If you don’t want to buy a host yet, then install a virtual machine locally to practice first.

Okay, now that we have the host, we also have the host IP, username, and password. Okay, open the remote desktop connection function in Win7 or Win8, as shown below:

Write the host IP address in the computer column, click Connect, and enter the next step page,

I will directly display the system user here. If your user is not administrator, click below to use Other accounts. Can. My operating computer system is Win8.1, so you can enter the password directly here. If your system is WinXP, Password box can only be entered on the system login interface. Enter the password in the password field to confirm. If you are using it on your own personal computer, check "Remember my credentials" below to facilitate the next login. If you are operating on a public computer, it is not recommended to check it. For safety reasons, do not perform remote connection operations on computers in public places such as Internet cafes and coffee shops.

Show commonly used desktop icons

Okay, after confirming, you can see the classic desktop of Windows Server 2008 R2. There is only one Recycle Bin icon on the desktop, which is simple enough. Although it is simple, there are no basic icons, which is really a bit unfamiliar to people who are used to Windows. Well, let's display the traditional desktop icons first. Although Win2008 r2 and Win7 have the same kernel, the desktop and server environments are different, so the desktop right-click function of Win2008 r2 is very simple, and there is no personalized setting function of Win7. So we need to change the method to display desktop icons.

Click the Start button, enter "ico" in the Search box,

Find one of them Click the item "Show or hide common icons on the desktop",


I have selected all icons here, you can choose according to your personal habits.

Modify the remote desktop connection port

Don’t rush to install the software. The first point of safety is to change the default port of remote connection to 3389. Press Win+R and enter regedit, open the registry and enter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp] , find PortNamber on the right side, double-click it, the hexadecimal data d3d is displayed by default, click to select decimal and it becomes 3389, this is the remote connection port, modify it to modify the remote connection port, for example, change it to 8579, OK to save.

Enter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Tenninal Server\WinStations\RDP-Tcp], modify the value of PortNamber to 8579, save and close the registry.


After the above two steps, the remote connection port has been modified in the registry, but do not restart the server at this time, otherwise you will Locked out.

Follow the above steps, open the Windows Firewall that comes with the system, enter the advanced settings, enter "Inbound Rules", click "New Rule", select "Port" for the rule type,

Next step, select "TCP", fill in the modified port in the registry above at the specified port, my here is 8579,

In the next step, select "Allow connection" to specify the connection conditions.

Next step, generally select all scopes,

Next step, for this rule Set a name to make it easy to remember, and a simple description. Click "Finish" to save the above settings. This rule will take effect.

The new rules have been set. Check whether the previous settings are correct and restart the server after confirming that they are correct.

Restart the remote desktop connection and add the new port number after the IP address.

As long as the previous settings are correct, you should be able to connect normally here to the server.

After logging in to the server, disable or delete the remote connection rules that come with the system, because it no longer works. Find "Remote Desktop (TCP-In)" and right-click to disable it.

The final step is to further improve the security of the remote desktop connection and set "Only allow connections from computers running remote desktop that use network level authentication". This will only allow systems above Win Vista to connect to the server.


#When I have the opportunity, I will write another article on remote desktop hardening based on IPsec.

Update system patch

Patch update is relatively simple, just open Windows Update to update.


Turn on automatic updates and set the automatic installation time. Generally, update the patch in the early morning.

Now we can install commonly used software on the server, such as iis, mssql, asp.net, php, etc.

The above is the detailed content of Win2008 R2 WEB Server Security Settings Guide - Detailed explanation on how to modify port 3389 and update patches. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
What are the operation and maintenance tools under windowWhat are the operation and maintenance tools under windowMar 05, 2025 am 11:17 AM

This article reviews Windows-based server management tools. It compares free (PowerShell, Windows Admin Center) and commercial options (SCCM, Azure Arc), highlighting their functionality, cost, and complexity. The choice depends on needs, budget, a

How to solve the problem that Tencent Cloud has downloaded?How to solve the problem that Tencent Cloud has downloaded?Mar 05, 2025 am 11:18 AM

This article guides users on opening files downloaded from Tencent Cloud. It addresses common issues like corrupted downloads, incompatible file formats, and software conflicts, offering troubleshooting steps and suggesting contacting Tencent Cloud

How to use Tencent Cloud Lightweight Application Server Tutorial for Using Tencent Cloud Lightweight Application ServerHow to use Tencent Cloud Lightweight Application Server Tutorial for Using Tencent Cloud Lightweight Application ServerMar 05, 2025 am 11:16 AM

This guide details using Tencent Cloud Lightweight Application Servers (LAS). It covers account setup, instance creation (specifying region, configuration, image, security, and storage), and application deployment. Key features include cost-effecti

Tutorial on the mobile version of Tencent Cloud to cancel the account without real nameTutorial on the mobile version of Tencent Cloud to cancel the account without real nameMar 05, 2025 am 11:20 AM

Deleting unregistered Tencent Cloud mobile accounts is impossible without verification. The article explains why account deletion requires verification and details how uninstalling the associated app is the most effective workaround to sever the app

What to do if the windows installation error is not started?What to do if the windows installation error is not started?Mar 05, 2025 am 11:19 AM

This article addresses common Windows installation and boot errors. It details troubleshooting steps for issues like corrupted media, hardware problems, driver conflicts, partitioning errors, BIOS settings, and software conflicts. Solutions include

Recommended Windows Operation and Maintenance Tools What are the Windows Operation and Maintenance Software?Recommended Windows Operation and Maintenance Tools What are the Windows Operation and Maintenance Software?Mar 05, 2025 am 11:15 AM

This article reviews free and paid Windows server administration tools. It compares built-in options like Server Manager & PowerShell with commercial solutions such as SolarWinds and Microsoft System Center, emphasizing the trade-offs between co

What are the main tasks of Windows Operation and Maintenance EngineersWhat are the main tasks of Windows Operation and Maintenance EngineersMar 05, 2025 am 11:14 AM

This article details the key responsibilities and essential skills of a Windows systems administrator. It covers system installation/configuration, monitoring/troubleshooting, security management, backup/recovery, patch management, automation, and u

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
1 months agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft