Khoi Pro Why Port 22 Is a Target
At CODE TOT, we manage 50+ WordPress sites on RunCloud servers and understand the importance of security. One of the most common vulnerabilities on these platforms is brute force attacks targeting SSH (port 22). Changing the default port significantly enhances security by reducing the attack surface available to malicious users.
Choosing a New Port
For enhanced security, it’s advisable to use ports outside the well-known range. Ports in the 10,000-65,535 range are less likely to be targeted by automated attacks. Avoid using commonly associated port numbers like 3389 (RDP), 2048-2086 (VMware), and others that might have already been flagged.
Download and Run the Script
To change your SSH port on RunCloud, simply download the following script:
wget https://raw.githubusercontent.com/codetot-web/runcloud-bash-scripts/refs/heads/main/change-ssh-port.shNext, make the script executable and run it with root permissions:
chmod +x change-ssh-port.sh
sudo ./change-ssh-port.sh What the Script Does Internally
- Creates timestamped backups of configs (.bak.YYYY-MM-DD-HHMM)
- Updates /etc/ssh/sshd_config by uncommenting or replacing/appending the new port
- If firewalld is running, opens the new port via firewall-cmd –permanent and removes port 22
- Updates /etc/fail2ban/jail.local to monitor the new SSH port with a retry limit of 5 and logs in /var/log/auth.log
- Restarts both SSH and fail2ban services using systemctl or service fallback if systemctl is unavailable
Restoring the Original Configuration
If at any point you need to revert back to the original configuration, simply run:
sudo ./change-ssh-port.sh restoreImportant Notes
- Always ensure that the chosen port is not already in use by another service on your server.
- After changing the SSH port, you will need to update any client configurations that connect to your server via SSH.
- Be cautious when applying changes during high-traffic periods or critical operations as this might introduce a brief downtime.
To secure your WordPress sites hosted on RunCloud, integrating security measures like changing the default SSH port is crucial. By following our guide and using the provided script, you can enhance the security of your infrastructure while maintaining easy access for authorized users.
