Well, got a domain (personal - tdperry.com - it runs in a VPS in a ProxMox server I have set up) and I guess the hacker type dweebs seem to think since it's not an "official" looking domain and more of a personal type one it will be "easy" to hack.
They don't apparently realize it has fail2ban running and also google-authenticator on it. Reason the count is so high is I ban the IP's for 14 days instead of a few minutes.
Because I access via iPhone, iPad, Galaxy Tablet, several Linux systems, rsync and some other utilities. You don't really do THAT much by changing the port. It's just as easy to leave it where it sits. Not to mention the fact that if all you do is change the port your are just asking for problems. You STILL need to secure it by some means.
Do you change your msyql port? What about memcache? Munin?