Get a VPS now!

English
InfrawireInfrawire LogoDocumentation
Appeler

Secure Remote Desktop (RDP) on a Windows VPS

Harden RDP: NLA, dedicated accounts, firewall, optional port change after [RDP login](/docs/vps-windows/se-connecter-rdp).

~1 min read
rdpsecuritywindowsfirewallvps

RDP is the main entry point to your Infrawire Windows VPS. This guide reduces attack surface.

📋 Prerequisites

  • Windows VPS with Administrator access
  • Working RDP (RDP guide)

Enable Network Level Authentication (NLA)

Bash
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name UserAuthentication -Value 1

Create a dedicated admin account

Bash
$user = "RdpAdmin"
$pass = Read-Host "Strong password" -AsSecureString
New-LocalUser -Name $user -Password $pass
Add-LocalGroupMember -Group "Administrators" -Member $user

Firewall: allow RDP only

Bash
Get-NetFirewallRule -DisplayGroup "Remote Desktop" | Set-NetFirewallRule -Enabled True

Account lockout policy

Lock account after several failed attempts via Local Security Policy.

Secure RDP! 🚀

Need help?

Questions about this guide? Our team and community are here to help.

Support

Our team is available 24/7 to help you

Discord

Join our community

Telegram

Message us directly for quick 24/7 support