Originally Posted by dclardy
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.
I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.
Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?
In /etc/fail2ban/filter.d/pure-ftpd.conf make sure you have:
failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
In /etc/fail2ban/jail.local add following below ftp server :
enabled = true
port = ftp
filter = pure-ftpd
logpath = /var/log/syslog
maxretry = 3
Restart fail2ban and it should work.