SSH is one of the most commonly attacked services as it provides easy access to full control of a dedicated server. Changing the default SSH port will help prevent an attacker from launching brute force attacks to the default port.
**Change “someportnumber” to a new port number that is not in use for other services.
1. Login to your server as root
2. Within the command line, execute the command line ‘nano /etc/sysconfig/iptables’ to edit the IPTables configuration file.
Add the following line to the configuration file: ‘-A INPUT -m state –state NEW -m tcp -p tcp –dport someportnumber -j ACCEPT’ directly below line ‘-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT’ in the configuration file.
Save and exit by holding down ‘ctrl’ and ‘x’
3. Within the command line run the command ‘service iptables restart’ to restart the IPTables service
4. Run the command ‘service iptables status’ to see if the new rule has been applied (optional)
5. Edit the SSH configuration file with the command ‘nano /etc/ssh/sshd_config’
Modify the line ‘#port 22’ by removing ‘#’ and replacing ’22’ to your new desired port number we opened on the IPTables configuration.
Save and exit by holding down ‘ctrl’ and ‘x’
6. Within the command line, execute ‘service sshd restart’ to restart the SSH service.
7. If you can still access the command line, type ‘ss -tnlp | grep ssh’ to verify SSH is listening on the new port. (optional)
8. Connect to the server via SSH using the new port you selected.
9. Run the command ‘nano /etc/sysconfig/iptables’ to edit the IPTables configuration file again.
Comment out line ‘-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT’ by adding ‘#’ in the beginning of the line to block all connectivity to port 22.
Save and exit by holding down ‘ctrl’ and ‘x’
10. Execute the command ‘service iptables restart’ to restart the IPTables service