To make Directadmin’s Brute Force Monitor work with CSF you should do the following:

The block_ip.sh is only used for an active “click” by the Admin, it does not automate blocking. Fetch the files:

Create the empty block list and exempt list files:

To automate blocking, install the following script:

Source:
http://forum.directadmin.com/showthread.php?t=44839&p=229244#post229244