Check if vsftpd is running or proftpd (if proftpd change below were appropriate)

$ pidof vsftpd

Since SSH will be limited to just the private key, Fail2Ban will block brute force attacks to clients with FTP access. 

$ sudo apt-get install -y fail2ban
$ sudo vim /etc/fail2ban/jail.local

Copy and paste into the jail.local file. Edit where necessary.


ignoreip = 

# (clients IP, if needed)

# "bantime" is the number of seconds that a host is banned.

bantime  = 600

# A host is banned if it has generated "maxretry" during the last "findtime"

# seconds.

findtime = 600

maxretry = 5


enabled = true

bantime = 86400

$ touch /var/log/auth.log

$ sudo fail2ban-client start
$ sudo fail2ban-client status
$ sudo fail2ban-client add vsftpd
$ sudo fail2ban-client reload
$ sudo fail2ban-client status

To unban an IP from FTP

$ fail2ban-client set vsftpd unbanip IPADDRESSHERE

To view banned IPs

$ sudo fail2ban-client status vsftpd|more