How Do I Get Back Into RDP?
You may be working from a local machine that has an IP that is not scoped on that RDP port, making it impossible for you to gain remote access to add the IP address to the RDP rule’s scope. Do not fret; there is a simple and quick way to add your IP to the RDP scoping (or any other entities such as MySQL or MSSQL) right through your Plesk interface in your local browser. You can watch this video, or scroll down for step-by-step directions.
For security purposes, it is always recommended that you scope off your Remote Desktop Protocol (RDP) connection on your server. Putting a scope on the RDP rule in the Windows Firewall will allow only the indicated IP addresses to gain access to the server through Remote Desktop Protocol. The issue is that many of us do not have static IP addresses, but rather Dynamic IP addresses. This means that while once our IP address may be 120.32.111.01, it may change to something like 95.42.121.01 later. So if you were to add 120.32.111.01 to the RDP firewall for a customer or a system administrator, then you may need to add another rule for a different IP address.
Adding Your IP in Plesk
Step 1: Log in to Plesk
First, we need to make sure we know how to get to that Plesk login page. By default, the Plesk login page is https://<YourServerIP>:8443. For example, https://127.0.0.1:8443
We should arrive at a page with this in the center. Go ahead and type in Admin for the username and your password for Plesk. Usually, that password is set up by our team and is the default Server Administrator Password. Sometimes the username is Administrator, depending on a few variables. But one of the two usernames should be fine.
Step 2: Tools & Settings
The first thing we need to do after we log into Plesk through the previous page is to navigate to the Firewall Rules. Go ahead and click on Tools & Settings. It will be located in the right sidebar near the bottom as shown below.
Step 3: Firewall
Once we pull up Tools & Settings go ahead and click on our destination, Firewall. You will find that option under the Security section. It will be the second option, just under Security Policy.
Step 4: Firewall Rules
After we are in the Firewall management, go ahead and click on Firewall Rules. This is where we will add the rule to allow a certain IP address to gain RDP access.
Step 5: Add a Firewall Rule
Under Tools, after going into the Firewall Rules, we will see the option labeled Add Firewall Rule. Go ahead and click on that, bringing us to our next step.
Step 6: Add Detail the New Rule
This is the page that we see after clicking on Add Firewall Rule. It can seem to be complicated and intimidating for some beginner level System Administrators, but it is simple.
If you or your client are not sure what that IP address that needs RDP access is, Liquid Web has a great site to visit that will display your IP address.
Once you enter the IP address into the text box under Remote addresses, you do need to click the ADD button before clicking on OK.
As mentioned above, after clicking the ADD button while the IP address is entered into the Add an IP address or a network text box, it will be placed into the left text box. After that step, you will then be able to click OK to apply this rule to the firewall for the server.
Step 7: Connect to RDP
The individual at that IP address can now access the server via RDP. If you would like to review an article explaining how to use Remote Desktop Connection, or if you need further assistance, you can locate more info at our internal help center after logging into your Liquid Web account.
Congratulations! You now know how to add an IP address to an RDP rule that will allow a user to connect if the RDP is scoped off to the public. This can be done many times. Although Plesk does not allow you to edit the rule, you will have to create a new one each time. But this shouldn’t cause any issues. Also, keep in mind that this method can be used for any port, including MySQL and MSSQL.
The Most Helpful Humans In Hosting™
We pride ourselves on being The Most Helpful Humans In Hosting™! Our support staff is always available to assist with any Dedicated, Cloud, or VPS server issues 24 hours a day, 7 days a week 365 days a year.
We are available, via our ticketing systems at firstname.lastname@example.org, by phone (at 800-580-4986) or via a LiveChat for whatever method you prefer. We work hard for you so you can relax.
What is FTP?You or your developer may want to have access via FTP (File Transfer Protocol) to the folders for the project or domain that is being worked on. FTP is a quick and easy way for someone to connect to their project, without having to have full access to RDP into the server. An FTP user will only have access to the folders that are designated to them, limiting them in their own environment so as not to accidentally change other user’s files and file structure on their project/domain. In this tutorial, we will cover how to utilize FTP on a Core/Self-Managed Dedicated server or a VPS server, as well as a Plesk Server. Let’s jump right in!
Enabling FTP ServicesThe first thing that you need to check before creating an FTP user is to enable FTP on your server. To do that on a Core/Self-Managed server, we need to RDP to the server and open Server Manager. Once the server manager is open, in the top right corner, there are a few options: Manage, Tools, View, and Help. We want to click on Manage, which will show a drop-down menu. At the top of the menu, click on the option Add Roles and Features.
Once you have the Add Roles and Features Wizard up, click Next until you are at the Server Selection.
Make sure your server is highlighted, by default, it should be. If so, you can click Next which brings you to Server Roles.
Server Roles are where you will find the features your server can have enabled separately, depending on your needs. We aren’t looking for anything but FTP at this time, so we won’t cover all of the features and services we find here. FTP services are going to be found under the role Web Server. Click on the carrot next to Web Server. There are 3 different options with checkboxes; Web Server, FTP Server, and Management Tools. Dropping down the FTP Feature will show the available FTP features. If all of these are already checked, you can skip ahead to the Adding and Assigning FTP Users section of this help article. However, if these are not checked, go ahead and check FTP Server and FTP Service. If your users plan on using ASP.NET services or IIS Manager, you will want to make sure you check FTP Extensibility. Once you have the FTP features selected, click on Next a couple of times until you get to the Confirmation page. At the top, you will see an option to “restart the destination server automatically if needed“. For installing FTP Services, a restart is not needed. We can leave this box unchecked and click on Install. This install process shouldn’t take too long.
Clicking on New User will pop up a simple interface that asks for the user name, the user’s full name, a description for that user that serves as a description for you, the administrator, to recognize the purpose of this user. Fill out this information accordingly and type in a password for this user. Under Confirm Password, we see that by default “User must change password at next logon” is selected. Because this is strictly for FTP, we will uncheck that and check “User cannot change password” and “Password never expires”. Considering the FTP user will only have access to the destination you allow, it is not necessary to change the password.
Adding an FTP SiteNow that FTP Services are installed and a user is created, we need to head on over to the IIS Manager. This can be found in the Start Menu, or by clicking on Tools in Server Manager as we did before, but clicking on Internet Information Services (IIS) Manager. Here is the IIS Manager, we need to create the FTP site that you will want this specific user to have access to. We do this by clicking on the drop-down carrot next to the server name, and then right-clicking on the folder that says “Sites“.
A menu will pop up, with the option to Add FTP Site. Enter the name you wish to give this FTP site. Select a Physical path, where you want the user for this FTP site to have access. Do this by either typing in the direct path, or selecting the 3 dots next to the entry bar and physically selecting the folder you wish to assign this FTP site.
Clicking next will bring you to Bindings and SSL settings. If you have any specific IP address that is assigned to a domain that is being used for this FTP Service, you need to make sure that the IP address is selected by dropping down the bar.
If all sites are taking advantage of Windows SNI (Server Name Identification) than you can leave this set to All Unassigned, if you wish to use a different port than the default FTP port, go ahead and type that in under Port. But if this is just a basic FTP instance for everyday purposes, go ahead and leave that port at the default 21. Next, you want to make sure that “Start FTP Site automatically” is selected. Unless of course, you want to manually allow the user to connect to their FTP site only when you designate by starting the page in IIS. Select No SSL and click Next for this FTP Site. In this tutorial, we will not be covering setting up an SSL for this specific FTP Site. If you do already have an SSL that you have added to the server for this purpose, you need to make sure that Allow or Require under SSL is checked, and select your SSL on the drop down bar labeled SSL Certificate.
Now we have been brought to the Authentication and Authorization section. Here at the top are two options for Authentication. Make sure that both boxes are checked. Finally, we have the Authorization section where we would select the groups or users we want to allow to be able to log into this FTP Site.
Setting Up the Windows FirewallNow that we have the FTP site all set up and ready to go, we do need to set up the firewall rules. Open up your firewall by clicking on Start, scrolling to Windows Administrative Tools, and clicking on Windows Firewall with Advanced Security.
We need to set some rules on the Inbound Rules section, so click on that first. It’s in the top right corner. After clicking on Inbound Rules in the top right corner under Actions, you will see a section called Inbound Rules. Under that category should be New Rule.
You may have to click on the arrow next to Inbound Rules to see this. Click on the New Rule… And you will be selecting the Rule Type. For FTP we will be using Port, so click on that and Next. Now you will see Protocol and Ports. For Protocol, use the setting TCP. For Specific local ports type 21, 5001-5051 and click on Next. Now we have the Action section. By default, “Allow the connection” is selected. Keep this the way it is and press Next. Now you will be prompted for when this rule will apply. We want it always to apply so keep each network connection type box checked. There are three: Domain, Private, and Public. Click Next, and you will be naming the firewall rule. We suggest just naming it FTP Connection or something of the sort.
You should be all set. Go ahead and log into another computer, use your favorite FTP client (such as Filezilla), enter the IP address as a host, and your newly created username and password, port number, and click connect. You are now connected FTP to your designated pathway on your server.