This step-by-step article describes how to configure a .NET-connected application and a computer running Microsoft SQL Server to use an alternate port for network communications.
Many recent security breeches have used applications and databases that were configured to use their default port numbers. For example, a worm that searches for vulnerable database servers on the Internet might examine only TCP Port 1433. By default, SQL Server uses this port number.
One way to protect your application from automated attacks (such as viruses and worms) is to change the default port numbers that your application and database servers use for communications. Many .NET-connected applications use a SQL Server database. Therefore, you must reconfigure such applications to communicate with a database where the default port number has been changed. This article describes how to change both the port number that a computer running SQL Server uses and the port number that a .NET-connected application uses to communicate with the computer running SQL Server.
To change the port that your .NET-connected applications use to connect to Microsoft SQL Server, follow these steps:
Open your application's .config file in a text editor (such as Notepad). Typically, the .config file is located in the application’s folder and is named Application Name.config. For ASP.NET applications, this file may be named either Web.config or Application Name.config.
Most .NET-connected applications that require a database permit the system administrator to change the data source. The data source defines the name and the port number of the database server. However, the way that each application permits the system administrator to configure the data source varies. Search in the .config file (or files) for the element that defines the data source. Typically, the data source definition includes the phrase, data source, datasource, or dsn. For example, the following sample from an <appSettings> element is typical of how an application defines the data source for database requests:
Change the data source to use your custom port number by adding a comma and a port number after the database server’s name or IP address. Use the format, “SERVER-NAME,port”. For example, to configure the application to use a computer running SQL Server that is named SQLDB, and has a port number of 5656, change the value to data source=SQLDB,5656.
Save the .config file. ASP.NET applications restart automatically after you change the data source. You must manually restart all other types of .NET-connected applications for the change to take effect.