Search Our Database
How to Change the Default DirectAdmin Port (2222 to Custom port)
Introduction
DirectAdmin is a popular and lightweight web hosting control panel that uses port 2222 as its default access point for the web interface. While this default configuration works in most cases, changing the default port can enhance server security by reducing the risk of automated attacks or bots scanning for open ports commonly associated with control panels.
Changing the DirectAdmin port is a routine task for system administrators looking to implement security through obscurity or meet specific organizational firewall or compliance requirements. It’s particularly relevant in managed hosting environments, VPS, and dedicated servers where the administrator wants to limit exposure to DirectAdmin’s login interface.
This change is system-wide and will affect how all users and administrators access the DirectAdmin panel. Therefore, it’s important to notify users and update any relevant firewall rules, monitoring tools, or bookmarks pointing to the old port.
This guide provides a comprehensive walkthrough on how to change the default DirectAdmin port from 2222 to a custom value using the command-line interface. The steps are based on DirectAdmin’s native configuration and supported Linux distributions such as CentOS, AlmaLinux, Debian, and Ubuntu.
Prerequisites
- A server running DirectAdmin (version 1.61.0 or newer recommended)
- Root SSH access to the server
- CustomBuild 2.0 or newer installed
- A free and unused port number (e.g., 2280, 2443, 8443)
- Firewall access to allow the new port through firewalld, iptables, or ufw
- Backup or snapshot of the system (recommended)
Step-by-step Guide
Step 1: Connect to the Server via SSH
Access the server with root privileges:
ssh root@your-server-ip
Step 2: Edit the DirectAdmin Configuration File
Open the configuration file:
vim /usr/local/directadmin/conf/directadmin.conf
Look for the line:
port=2222
-
If the line port=2222 exists, modify it to your desired port.
-
If it does not exist, add it manually at the bottom of the file.
Example:
port=2280
Step 3: Update the Firewall to Allow the New Port
Choose the appropriate firewall configuration based on your server:
For firewalld (CentOS/AlmaLinux/Rocky):
firewall-cmd --permanent --add-port=2280/tcp firewall-cmd --permanent --remove-port=2222/tcp firewall-cmd --reload
For iptables :
iptables -I INPUT -p tcp --dport 2280 -j ACCEPT iptables -D INPUT -p tcp --dport 2222 -j ACCEPT service iptables save
For ufw (Ubuntu/Debian):
ufw allow 2280/tcp ufw delete allow 2222/tcp ufw reload
For csf (ConfigServer Firewall):
Edit `/etc/csf/csf.conf` and find the following directives: TCP_IN = "20,21,22,25,53,80,110,143,443,587,993,995,2222" TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995"
-
Replace 2222 with 2280 in TCP_IN.
-
Add 2280 to TCP_OUT if needed.
-
Then restart CSF:
Step 4: Restart DirectAdmin Service
service directadmin restart
Or for systemd :
systemctl restart directadmin
Step 5: Access DirectAdmin via the New Port
Open a browser and visit:
https://your-server-ip:2280
Conclusion
Changing the DirectAdmin default port from 2222 to a custom port helps reduce exposure to automated scans and brute-force attacks, contributing to a more secure server environment. This guide explained how to safely change the port by editing the configuration file, adjusting firewall rules, and restarting the service.
To avoid service interruptions, always ensure the new port is open in your firewall before restarting DirectAdmin. It is also advisable to maintain console access or a fallback SSH session while performing the change.
Should you have any inquiries about the guidelines, please feel free to open a ticket through your portal account or contact us at support@ipserverone.com. We’ll be happy to assist you further.