Is there a way I can permanently blacklist or at least auto-ban any IP trying to login with the usernames "root" or "admin"? I get tens of thousands of invalid logins every day on my current SFTP server and I'm evaluating CompleteFTP to replace it. I can't do whitelisting since my clients would connect from anywhere. I am currently evaluating the enterprise version and have written a custom authenticator which works great. Unfortunately I won't really know how effective the auto-ban will be until I put this server in production. I'm also looking for a way to automatically blacklist IP addresses on the auto-ban list. I see that I can do it manually, but I was wondering if it could be done on a trigger. I'm thinking that it might be easier to remove IPs from people blacklisted in error than to fight the billions of zombie computers on a daily basis.
