DirectAdmin since version 1.39 has function to detect brute force attack (Info) but DirectAdmin didn't block IP that brute force us. It just warn and annoy us by sending an email. DirectAdmin already provide how to automatic block IP when detect brute force for CentOS/Fedora here but they didn't provide for Debian so I will do for you