Changing Port from 2222 - Port not found in directadmin.conf

Roberto

Roberto

Verified User
Joined
Apr 6, 2013
Messages
127
Location
London
When I check directadmin.conf:-

Code: 
nano /usr/local/directadmin/conf/directadmin.conf

I am unable to see Port=2222 here on my fresh install. It used to be here on my VPS before it was migrated. Has it been moved to another configuration file that I need to edit?

Regards
 
Try this to see what's being used:
Code: 
/usr/local/directadmin/directadmin c | grep port

Then explicitly set it if you want something different.
Code: 
/usr/local/directadmin/directadmin set port XXXX
 
Don't forget to restart DirectAdmin with
Code: 
systemctl restart directadmin

if you change it
 
Thanks @scriptkitty. That has worked setting the port to a new one. I can see port=xxxx has been added to directadmin.conf after I set it using your method, but that line with port=2222 was not there before. In previous VPS instances on other nodes, it was there from the outset.

and thanks @bdacus01. I've been using DirectAdmin since 2013, so did know how to restart, but worth mentioning for the community. Thanks!

Regards
 
Last edited:
Thanks @floyd.

This is a recent change. I have reinstalled DirectAdmin many times since I purchased in 2013, and previously the default port=2222 was there every time. In fact, in all the help discussions on the forum, the advice is to find port=2222 in order to change it, right up until 2019. It must have disappeared this year. In any case, the problem was solved.

Regards
 
That may be true but there has always been this stipulation:

Note that if the value does not exist in the directadmin.conf, it will be the default intenal value within DirectAdmin.
Adding a value to the directadmin.conf would override the internal default.
Click to expand...
(Internal is mispelled, lol.)


So if I don't see a value I expect I just add it. You can see all of the current values with

/usr/local/directadmin/directadmin c
Click to expand...

If you want to change one then either find it or add it in the conf.
 
Thanks @floyd
It's good to have your input too and useful to know that values can be added for other settings too.
Much obliged!
 
If you use csf as firewall, you can remove port 2222 from TCP_IN = and TCP6_IN =
And other ports as well, like 22.
Make sure your own ip is whitelisted in csf, then you have access to port 2222 and the rest of the world not.
Prevents a lot of hacking attempts.
 
Wanabo said:
If you use csf as firewall, you can remove port 2222 from TCP_IN = and TCP6_IN =
And other ports as well, like 22.
Make sure your own ip is whitelisted in csf, then you have access to port 2222 and the rest of the world not.
Prevents a lot of hacking attempts.
Click to expand...
Hi @Wanabo
I changed ports. But my both my ISP and my VPN provide dynamic, changing IP addresses, so removing inbound ports in CSF and whitelisting is not a good idea for everyone. You'd just end up locked out. That needs to be mentioned before people embark on that route. For those with a permanently static IP from the ISP, then sounds useful. I did pay my VPN for a static IP (for other purposes), but renewal cost is too high.
 
Last edited:
@Wanabo
I think I didn't explain properly. My web server has a static IP, but the IP from ISP that provides me with an Internet connection from home is dynamic. My web server is not based at home, but through a VPS hosting provider. I have used DynDNS to point to servers at home in the past, but that is not relevant here.

In terms of pointing a DynDNS domain to the webserver, which does have a static IP... At first, it sounds like a plausible solution, but is there anything that stops people discovering the DynDNS domain? I'd be interested to hear why it should be considered safer? Surely, you're just replacing an IP with a domain which is forwarded to the very same IP. DynDNS doesn't provide security, it just forwards?
 
Last edited:
themadguru said:
I think I didn't explain properly. My web server has a static IP, but the IP from ISP that provides me with an Internet connection from home is dynamic. My web server is not based at home, but through a VPS hosting provider. I have used DynDNS to point to servers at home in the past, but that is not relevant here.

In terms of pointing a DynDNS domain to the webserver, which does have a static IP... At first, it sounds like a plausible solution, but is there anything that stops people discovering the DynDNS domain? I'd be interested to hear why it should be considered safer? Surely, you're just replacing an IP with a domain which is forwarded to the very same IP. DynDNS doesn't provide security, it just forwards?
Click to expand...
A common reason for changing DA port 2222 is to prevent attacks to well known ports. If you close your port in CSF (remove from tcp in) they can't attack it. But you can't access it either. That is where whitelisting your ip comes in. But when your home ip is dynamic you can use the dyndns trick for accessing DA on a remote server. First try it only with port 2222 if that works than consider other ports like ssh port 22. Don't try port 22 before a successful port 2222 check, otherwise you can lock yourself out of your server. Assuming you have root access to your server.

It was never intended to assign dyndns to your webserver, but only for your home ip.
 
I get how to achieve it no need to explain that part. I have a lifetime account with DynDNS with unlimited hostnames and also unlimited domains. Have used it for years for different purposes.

I know how to change ports on the server and how to block them on CSF as you suggest. That wasn't my point. I am suggesting that just in the same way an attacker can discover the server IP, why can't an attacker just also use the DynDNS domain pointing to the IP? the attacker then gets the same access beyond the blocked ports that you do. Does that make sense? you're not understanding and not responding to my query.

Essentially, I'm asking you, what is stopping an attacker using the DynDNS address? answer that?
 
Last edited:
What use would an attacker have with your home ip or dyndns domain in relation to your external server? All though you use an dyndns address in csf, it will translate it to your current ip address to whitelist it in the firewall. I really don't see how an attacker can use your dyndns domain or your dynamic ip address to hack DA or your server.

I'm not in to hacking so perhaps I miss something here. Anyway, with my setup I don't have attacks on either port 2222 or port 22, simply because they are closed to any one but me.
 
I think we're at crossed purposed here. Hackers get hold of ddns url's of people with home IP cameras all the time. What is to stop them getting hold of the ddns URL pointing to the directadmin server?
 
When I confirm my port with the cd csf -g 2033 message: No matches found for 2033 in ip6tables
 
Standard Port is 2222, so you changed it to 2033 ? In CSF config, put it in "TCP_IN" field, and in "TCP6_IN"
 
You must log in or register to reply here.
Back
Top