i've made some progress.
first, the subsystem in sshd_config needs to be edited.
Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp
this will allow you to SFTP, but the user is not actually jailed to any directory. to do this, you need to add the following to sshd_config
Match Group client0
%h is the user's home directory. this needs to be owned by root in order for the jail to work.
and finally, you need to create a directory for the user to SFTP files into in their home directory, with the user's permissions.
i'm going to dig around ispconfig's code to see if i can automate this. or maybe add users outside of ispconfig, since i think the root permissions on their directories may not be the best thing.