This guide applies to Windows Server 2008 R2, though the principals will remain the same, just the processes might be different
RDP stands for Remote Desktop Protocol. It is a tool that allows you to connect to a windows server from your home PC.
This process is displayed as it would appear on Windows 10, however, it is very similar on previous versions as well.
In your search bar for your operating system (in the start menu for Windows 7, in the taskbar for Windows 10), type remote desktop connection, it will normally show after just remote.
Open the program named remote desktop connection from your search, this will open a window asking you for details, enter your server IP, with port if it is different from the default (3389).
If you are using a custom port, simply add a colon, followed by the port number: server.ip:port.
When you press connect, another window will open asking for credentials.
Enter your given username and password, optionally you can choose for your PC to remember, which will mean next time you will not be asked for your credentials to login. If you have connected before, your username may be remembered.
Upon pressing OK, you will be connected to your server via remote desktop.
RDP data is encrypted (see here), but you can help increase security.
Only give out credentials to people who you trust
It may be better to create them their own account with limited privileges.
Stick with a default port
Changing a port to a non default one provides security through obscurity, it may stop login attempts being logged, but a port scan will still reveal your port eventually (this can be done in minutes). A port below 1024 is a system reserved port, meaning only a privileged account can open and run it.
Via Windows Firewall, you are able to set what IPs can and cannot connect to certain ports.
If you have a static IP, or access to a VPN, you can set it so that only that IP can connect to RDP.
1. Start by clicking on your Start Menu, then opening Control Panel, from here click on the System and Security.
2. Click on Windows Firewall, and then on Advanced Settings on the left hand side.
3. Click Inbound Rules on the left hand side, then find the rule named Remote Desktop (TCP-In), right click and select properties.
4. Click on the Scope tab, from here you can set local (IPs that can be connected to), and remote (IPs that can be connected from), you would normally not want to touch local.
5. Select the button marked These IP addresses, then click the Add button, input your IP and select OK, then select OK again, or Apply. You can also add a range of IPs, for example: 18.104.22.168 to 22.214.171.124 would include all IPs between these 2, you would not generally need to use the predefined set whilst hosting with us as it is not a network full of your own machines.
You have now whitelisted your IP, only the IPs listed here will be allowed to connect via RDP.
You can apply this to any rule you like, but please be careful as you may block or lose access for yourself or your users on any service.
Undoing the Whitelist
If you want to remove the restrictions, repeat up to step 4, but select the button Any IP address and then press OK.
Normally, problems connecting will come from one of the following:
- Wrong IP/Port
- Double check your IP and port are correct, unless you have changed your port, you shouldn't need to include this.
- Bad username/password
- Check your provided username and password, if you are sure its correct, get in touch and we can reset or check it for you as well.
- If RDP is not allowed via the firewall, or perhaps you are using whitelisted IPs, contact us if this occurs as you cannot fix it yourself if you cannot connect!
- If your server is offline for any reason you will not be able to connect
As always, you can submit a ticket if you need help with connecting and we'll be happy to help.
Do's and Don'ts
- Use a secure password
- Only give your credentials to people you trust, you might be better off creating an account for them instead with restricted privileges.
- Use an IP whitelist where possible
- Disable firewall rules, you will not be able to connect
- Change settings if you are unsure of how to do it