Q: How can I protect my Windows IIS FTP servers against automated logon attacks? Does the IIS FTP server provide any features I can leverage?
A: Automated FTP logon attacks are one of the most common FTP attack vectors. During such an attack, hackers leverage scripts to bombard your FTP site with thousands of username and password combinations and hope to find one account and password that gives them access to the site.
Starting with IIS 8, which is bundled with Windows Server 2012, IIS supports a feature called FTP Logon Attempt Restrictions. This feature allows you to configure a number of logon attempts and a time period during which these attempts can occur. Based on these variables, it can decide to deny access to the FTP server from a particular IP address. You can use IIS Manager's FTP Logon Attempt Restrictions option to configure this new feature.
