Server Help

[Cerium]

So, it's that time again when I evaluate the software running on my server and upgrade.

As some of you know, I've been using FileZilla FTP Server for a couple months now. It's a great free, open source server but this is kinda reflected in the quality. There is a severe lack of advanced features, and some configuration is a bit odd. However, the biggest problem comes from it's lack of ban control (story below).
Another server I liked (but lacked critical functionality) was Gene6. It's a nice server, but it lacks a couple of functions and the retardo developers decided against releasing the plugin SDK.

Basically, what I need is an FTP server that meets the following requirements:

- Autobanning, even if only temporary.
- User & group specific virtual directories, home directories and chroot-ing.
- A fancy gui (so a fancy man like myself doesn't have to memorize more commands).




Also, I need a way to combat these fucking asian crackbots. My personal server -- which runs off my personal internet connection -- is constantly hammered by cracking attempts, both on FTP and HTTP. The FTP attempts could be easily combated by an auto-banning system, but HTTP I'm not so sure about. Rather than trying to crack passwords, requests are made to insecure services and scripts people have on their site (hi, assassin). My httpd log looks like this:

Code: Show/Hide 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /a1b2c3d4e5f6g7h8i9/nonexistentfile.php HTTP/1.0" 404 344 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /adxmlrpc.php HTTP/1.0" 404 318 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /adserver/adxmlrpc.php HTTP/1.0" 404 327 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /phpAdsNew/adxmlrpc.php HTTP/1.0" 404 328 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /phpadsnew/adxmlrpc.php HTTP/1.0" 404 328 66.118.252.50 - - [20/Nov/2006:14:47:02 -0600] "GET /phpads/adxmlrpc.php HTTP/1.0" 404 325 66.118.252.50 - - [20/Nov/2006:14:47:03 -0600] "GET /Ads/adxmlrpc.php HTTP/1.0" 404 322 66.118.252.50 - - [20/Nov/2006:14:47:03 -0600] "GET /ads/adxmlrpc.php HTTP/1.0" 404 322 66.118.252.50 - - [20/Nov/2006:14:47:03 -0600] "GET /xmlrpc.php HTTP/1.0" 404 316 66.118.252.50 - - [20/Nov/2006:14:47:03 -0600] "GET /xmlrpc/xmlrpc.php HTTP/1.0" 404 323 66.118.252.50 - - [20/Nov/2006:14:47:03 -0600] "GET /xmlsrv/xmlrpc.php HTTP/1.0" 404 323 66.118.252.50 - - [20/Nov/2006:14:47:06 -0600] "GET /blog/xmlrpc.php HTTP/1.0" 404 321 66.118.252.50 - - [20/Nov/2006:14:47:06 -0600] "GET /drupal/xmlrpc.php HTTP/1.0" 404 323 66.118.252.50 - - [20/Nov/2006:14:47:06 -0600] "GET /community/xmlrpc.php HTTP/1.0" 404 326 66.118.252.50 - - [20/Nov/2006:14:47:06 -0600] "GET /blogs/xmlrpc.php HTTP/1.0" 404 322 66.118.252.50 - - [20/Nov/2006:14:47:06 -0600] "GET /blogs/xmlsrv/xmlrpc.php HTTP/1.0" 404 329 66.118.252.50 - - [20/Nov/2006:14:47:07 -0600] "GET /blog/xmlsrv/xmlrpc.php HTTP/1.0" 404 328 66.118.252.50 - - [20/Nov/2006:14:47:07 -0600] "GET /blogtest/xmlsrv/xmlrpc.php HTTP/1.0" 404 332 66.118.252.50 - - [20/Nov/2006:14:47:07 -0600] "GET /b2/xmlsrv/xmlrpc.php HTTP/1.0" 404 326 66.118.252.50 - - [20/Nov/2006:14:47:07 -0600] "GET /b2evo/xmlsrv/xmlrpc.php HTTP/1.0" 404 329

And this happens about once daily from anywhere from 3-5 different IPs -- all of which belong to some fuckwad in China. I imagine MGB would know of some crazy configuration for blocking/banning these assholes, but any info would be appreciated.
_________________
There are 7 user(s) ignoring me right now.

[Mine GO BOOM]

Only thing I could think of for that, without bothering to search if someone made an apache module to ban things on its own, would be to use htaccess to redirect people trying to view that specific file to a php script. That script would then edit the htaccess file, and add that IP into the denied range.

Easiest way to have an IP blocked from a website is through htaccess's denied list.

As for ftp servers, I'm assuming you are using Windows? Don't have much expeciance, as I've only liked FileZilla server on windows (for pretty much only me using it) and proftpd on Linux because it links into user accounts so nicely. But usually on the Linux side, I try to promote SFTP usage and only enable ftp if someone needs it.

[Doc Flabby]

why not just block all china ips on your firewall. list here:

http://www.apnic.net/apnic-bin/ipv4-by-country.pl?country=cn

we talking windows ftp servers? or linux? best linux ftp server is pure-ftpd.
pure ftpd also has a windows port i think but i couldnt find it...

just as a note there is a good list of open source software here

http://osswin.sourceforge.net/
_________________
Rediscover online gaming. Get Subspace | STF The future...prehaps

[CypherJF]

i like warftp but i haven't used it in some time.
_________________
Performance is often the art of cheating carefully. - James Gosling

[BDwinsAlt]

Cerium, I used GuildFTP. It is really cool. It has autobanning, custom messages, custom directories for different users, it has a nice GUI. I think it's free, if not you can just get a serial number off the internet somewhere.

http://www.guildftpd.com/