This article mainly introduces the Win2008 R2 WEB server Security Setting Guide to modify the 3389 port and Update patch, friends in need can refer to the
3389 port It refers to the remote desktop port in the Windows system. You can use it to manage remote computers just like operating a local computer, but it is also easy to be used by some hackers, so I must modify this port and install it in Modify the system immediately after completing it.
With the popularity of cloud hosts and Microsoft's vigorous updates, more and more people are using Windows Server 2008 R2 as a web server, and its powerful performance and operability have been well received. There are even more virtual host vendors selling win2008, so today I will talk about how I set up the security of the Win2008 server. I hope it can help everyone. Let’s stay away from broilers together. . .
A journey of a thousand miles begins with a single step. You must have a server with the Windows Server 2008 r2 operating system installed, otherwise it is just talk on paper. We recommend Tianyi Cloud, Alibaba Cloud, and Tencent Cloud. You can first take a look at the domestic cloud host comparison. Tianyi Cloud/Alibaba Cloud/Tencent Cloud have a brief understanding. I am currently using Tianyi Cloud host. If you don’t want to buy a host yet, then install a virtual machine locally to practice first.
Okay, now that we have the host, we also have the host IP, username, and password. Okay, open the remote desktop connection function in Win7 or Win8, as shown below:
Write the host IP address in the computer column, click Connect, and enter the next step page,
I will directly display the system user here. If your user is not administrator, click below to use Other accounts. Can. My operating computer system is Win8.1, so you can enter the password directly here. If your system is WinXP, Password box can only be entered on the system login interface. Enter the password in the password field to confirm. If you are using it on your own personal computer, check "Remember my credentials" below to facilitate the next login. If you are operating on a public computer, it is not recommended to check it. For safety reasons, do not perform remote connection operations on computers in public places such as Internet cafes and coffee shops.
Show commonly used desktop icons
Okay, after confirming, you can see the classic desktop of Windows Server 2008 R2. There is only one Recycle Bin icon on the desktop, which is simple enough. Although it is simple, there are no basic icons, which is really a bit unfamiliar to people who are used to Windows. Well, let's display the traditional desktop icons first. Although Win2008 r2 and Win7 have the same kernel, the desktop and server environments are different, so the desktop right-click function of Win2008 r2 is very simple, and there is no personalized setting function of Win7. So we need to change the method to display desktop icons.
Click the Start button, enter "ico" in the Search box,
Find one of them Click the item "Show or hide common icons on the desktop",
I have selected all icons here, you can choose according to your personal habits.
Modify the remote desktop connection port
Don’t rush to install the software. The first point of safety is to change the default port of remote connection to 3389. Press Win+R and enter regedit, open the registry and enter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp] , find PortNamber on the right side, double-click it, the hexadecimal data d3d is displayed by default, click to select decimal and it becomes 3389, this is the remote connection port, modify it to modify the remote connection port, for example, change it to 8579, OK to save.
Enter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Tenninal Server\WinStations\RDP-Tcp], modify the value of PortNamber to 8579, save and close the registry.
After the above two steps, the remote connection port has been modified in the registry, but do not restart the server at this time, otherwise you will Locked out.
Follow the above steps, open the Windows Firewall that comes with the system, enter the advanced settings, enter "Inbound Rules", click "New Rule", select "Port" for the rule type,
Next step, select "TCP", fill in the modified port in the registry above at the specified port, my here is 8579,
In the next step, select "Allow connection" to specify the connection conditions.
Next step, generally select all scopes,
Next step, for this rule Set a name to make it easy to remember, and a simple description. Click "Finish" to save the above settings. This rule will take effect.
The new rules have been set. Check whether the previous settings are correct and restart the server after confirming that they are correct.
Restart the remote desktop connection and add the new port number after the IP address.
As long as the previous settings are correct, you should be able to connect normally here to the server.
After logging in to the server, disable or delete the remote connection rules that come with the system, because it no longer works. Find "Remote Desktop (TCP-In)" and right-click to disable it.
The final step is to further improve the security of the remote desktop connection and set "Only allow connections from computers running remote desktop that use network level authentication". This will only allow systems above Win Vista to connect to the server.
#When I have the opportunity, I will write another article on remote desktop hardening based on IPsec.
Update system patch
Patch update is relatively simple, just open Windows Update to update.
Turn on automatic updates and set the automatic installation time. Generally, update the patch in the early morning.
Now we can install commonly used software on the server, such as iis, mssql, asp.net, php, etc.
The above is the detailed content of Win2008 R2 WEB Server Security Settings Guide - Detailed explanation on how to modify port 3389 and update patches. For more information, please follow other related articles on the PHP Chinese website!