How to protect FTP Server from brute force attacks

IIS 8.0 FTP Logon Attempt Restrictions

If you are constantly being probed by hackers on your FTP, or you discover a lot of failed logon attempts, Windows IIS 8 FTP Server comes with a very handy feature, called Logon Attempt Restrictions.

To configure the FTP service to deny malicious users from accessing your FTP service, use the following steps:

• Log in as an administrator on your Windows Server 2012 computer.
• Open the Internet Information Services (IIS) Manager.
• Highlight your server name in the Connections pane, and then double-click FTP Logon Attempt Restrictions in the list of features.

• Check the box to Enable FTP Logon Attempt Restrictions, and specify the number of failed login attempts and time period that the FTP service uses to determine whether to block access for FTP clients.

• Click Apply.