Earlier this week, I’d shown you how to connect to a VPS with InterWorx on SSH. In that, we saw that the default installation uses the regular SSH port of “22” for connections. In this article, I’ll show you how to change the SSH port. Why? Because look at this screenshot from my SSH login:
My last login was 2 days ago, and since then there have been 458 failed login attempts. These are just random spam attacks trying to break into the system. By changing the port to something other than “22”, we can add another layer of security. So here’s how to go about it.
Access the SSH Section in InterWorx
The first step is accessing your InterWorx login area. Once you’re in, select “System Services” on the left-hand side and choose “SSH Server” like this:
Now on the right, you’ll see a box titled “SSH Server Options”. In the field labeled “Port”, change the number 22 to something else. In this example, I’m going to use “2099”:
Click the “Update” button below and save your changes. But wait! We’re not done. We now need to unblock this port on the CSF firewall.
Unblocking the Port on the ConfigServer Firewall
InterWorx on NameHero comes pre-installed with the ConfigServer (csf) firewall. Stock installs of CentOS often come with something called “firewalld”. But I’ve personally used CSF before and prefer it a lot more. And NameHero agrees with me! So after saving your SSH port changes, click the “ConfigServer Plugins” section on the left and select “Security & Firewall” as shown here:
Now scroll down and find the “Firewall Configuration” button and click it:
Once there, use your browser’s “find” functionality to search for the field “TCP_IN”. When you get it, add the new port number to the end of the existing list separated by a comma (,) like this:
Now scroll all the way down and click the “Change” button to save the configuration files:
Once that’s done, you need to restart the CSF firewall and you’ll be prompted to do so in the next screen as shown here:
Click the restart button and you’re done!
Testing your Changes
Now when you try and access SSH with port 22 using PuTTY as explained in the earlier tutorial, you should get a “Connection refused” message like this:
That’s excellent news! It means the system is working as intended. Update your PuTTY configuration screen to include the new port number (In this case 2099), and you should be able to access your server via SSH using the new anonymous port!
This is a form of security known as “security by obfuscation”. It’s actually frowned upon my security “experts” because it’s not technically “security”. In my next article I’ll explain why this is just theoretical nonsense. It’s actually quite useful!
I’m a NameHero team member, and an expert on WordPress and web hosting. I’ve been in this industry since 2008. I’ve also developed apps on Android and have written extensive tutorials on managing Linux servers. You can contact me on my website WP-Tweaks.com!
Leave a Reply