---
title: ElastiCache clusters should use a non-default port for communication
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > ElastiCache clusters should use a
  non-default port for communication
---

# ElastiCache clusters should use a non-default port for communication
 
## Description{% #description %}

Change your AWS ElastiCache cluster endpoint port to a non-default port.

## Rationale{% #rationale %}

Using the default port puts clusters at risk of exploits and attacks. Configure a custom port to add an extra layer of security to your clusters.

## Remediation{% #remediation %}

### From the console{% #from-the-console %}

Follow the [Finding connection endpoints](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/Endpoints.html#Endpoints.Find.Redis) console documentation to learn how to find and modify your cluster's endpoint port.

### From the command line{% #from-the-command-line %}

1. Run `aws elasticache describe-cache-clusters` with your [ElastiCache cluster ID](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/elasticache/describe-cache-clusters.html#synopsis) to output the existing cluster configuration.

In the `describe-cache-clusters.sh` file:

```bash
  aws elasticache describe-cache-clusters
    --cache-cluster-id your-cc-id

  
```
Run `aws elasticache create-cache-cluster` with the cluster data returned in the previous step. Configure the new cache cluster with [a custom value](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/elasticache/create-cache-cluster.html#synopsis) for the endpoint port. This returns new cluster metadata.
In the `create-cache-cluster.sh` file:

```bash
  aws elasticache create-cache-cluster
    --cache-cluster-id new-cc-id
    ...
    --port 10001

    
```
Once the cluster endpoint port is updated, remove the old ElastiCache cluster. Run `delete-cache-cluster` with the [original cluster ID](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/elasticache/delete-cache-cluster.html#synopsis).
In the `delete-cache-cluster.sh` file:

```bash
  aws elasticache delete-cache-cluster
    --cache-cluster-id your-cc-id

  
```