Check if vsftpd is running or proftpd (if proftpd change below were appropriate)

$ pidof vsftpd


Since SSH will be limited to just the private key, Fail2Ban will block brute force attacks to clients with FTP access. 


$ sudo apt-get install -y fail2ban
$ sudo vim /etc/fail2ban/jail.local


Copy and paste into the jail.local file. Edit where necessary.

[DEFAULT]

ignoreip = 127.0.0.1/8 

# (clients IP, if needed)


# "bantime" is the number of seconds that a host is banned.

bantime  = 600


# A host is banned if it has generated "maxretry" during the last "findtime"

# seconds.

findtime = 600

maxretry = 5


[vsftpd]

enabled = true

bantime = 86400


$ touch /var/log/auth.log

$ sudo fail2ban-client start
$ sudo fail2ban-client status
$ sudo fail2ban-client add vsftpd
$ sudo fail2ban-client reload
$ sudo fail2ban-client status


To unban an IP from FTP

$ fail2ban-client set vsftpd unbanip IPADDRESSHERE

To view banned IPs

$ sudo fail2ban-client status vsftpd|more