KEEP THE USERS OFF WITH NOLOGIN
There is a way to disable any new login attempts into a system. This can be achieved by simply creating a file called /etc/nologin.
It can have a null file size or a message can be placed into the file informing the status of the system. If a user attempts to login remotely, a message will display with contents of the /etc/nologin file, and then disconnect the user.
However, ftp connections are not affected by this, if ftpd is running.