Changing the SSH Port in WHM/cPanel in 3 Steps
While there are many ways to make sure your server is as secure as possible, there are some basic steps that we can take to increase security. Users with a Linux server can change their SSH port to something other than the SSH default port (22). The steps listed below outline how to change SSH port numbers and enable the change.
Step #1: Reconfigure SSHD
The easiest way to change the SSH port is to SSH into the server as root.
ssh root@hostname/IP
Once logged in to the server as root, we can begin editing the sshd_config file. Follow best practices and take a backup before performing any server modifications.
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
Now we are ready to modify the file. Open /etc/ssh/sshd_config in your favorite text editor (for this example, we will use Vim).
vim /etc/ssh/sshd_config
We use the pound or hash symbol (#) for commenting, which tells the server to ignore anything after it on the same line. For example, if your sshd_config file is unaltered, the # may be commenting out the Port setting, as in the image below.

Locate the line that specifies the port. Remove the # symbol and change port number 22 to one that is not in use by a different service. For this example, we will use port 2222.

Next, save your changes using the :wq command and close the sshd_config file.
Step #2: Updating Your Firewall
Now, we need to open the new port in the server's firewall. This tutorial describes firewall changes on a standalone dedicated or virtual private server. Existing Liquid Web customers with a hardware firewall can contact our support team for assistance with adjustments.
Once again, we will use Vim as our text editor to make changes to the APF firewall configuration.
Again, follow best practices and create a backup before making any changes.
cp /etc/apf/conf.apf /etc/apf/conf.apf.bak
Open /etc/apf/conf.apf in Vim (or your favorite text editor) and locate the line labeled Common ingress (inbound) TCP ports.

Add your new SSH port number to the list of existing ingress ports, following the format of the existing port numbers. Save your changes to the conf.apf file and close your text editor.
Step #3: Restart Services
You must now restart SSH and APF to activate your changes. You can do so by running the /etc/init.d/apf restart command followed by /etc/init.d/sshd restart, as seen in the code block, and then the output below.
# service sshd restart
/etc/init.d/sshd restart
# service apf restart
/etc/init.d/apf restart

SSH will then restart and begin listening on the port number you have specified.
If you change the SSH port number, it is essential to note that this will also alter how you need to run specific commands that utilize SSH. For example, commands like scp and rsync require the new port number specified.
A managed hosting provider needs to have your SSH port on file to give you the best support (and often fix problems before you know they are happening). For Liquid Web customers, log in to your My Liquid Web account and update your root user and SSH information.
Need Additional Security?
Securing this connection is only one step in improving your overall server security. Preventing unauthorized SSH access to your server blocks those who seek to gain access for malicious reasons.
Liquid Web has several security offerings to ensure customer environments are protected. Whether you need server protection, compliance, or intrusion protection, Liquid Web has solutions to meet your security needs. Reach out to us today for additional information.
Related Articles:
- How to Install Adminer MySQL Database Management Tool on AlmaLinux
- How to Edit the PHP Memory for Your WordPress Site via WP Toolkit
- 4 Methods for How to Install Yarn on Windows Server
- How to Install Bpytop Resource Monitoring Tool on AlmaLinux
- How to Fix “This Site Can’t Provide a Secure Connection” Error
- How to Install MongoDB on AlmaLinux

About the Author: Ronald Caldwell
Ron is a Technical Writer at Liquid Web working with the Marketing team. He has 9+ years of experience in Technology. He obtained an Associate of Science in Computer Science from Prairie State College in 2015. He is happily married to his high school sweetheart and lives in Michigan with her and their children.
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
How to Install Adminer MySQL Database Management Tool on AlmaLinux
Read ArticleWhat is CGI-Bin and What Does it Do?
Read ArticleTop 10 Password Security Standards
Read ArticleTop 10 Password Security Standards
Read ArticleHow to Use the WP Toolkit to Secure and Update WordPress
Read Article