hi guys, if my server is running pure-ftpd, should pure-ftpd enabled=false or true in fail2ban conf? (there are no other ftp servers enabled in fail2ban conf) what does enabling in fail2ban actually do...does it monitor activity for these programs when enabled, or are they banned unless enabled here?
Probably so, though test it and watch for issues with legitimate traffic as usual. if you enable the jail, it will do whatever it's configured to do, which probably/hopefully is to monitor a logfile (logpath setting in the jail) for some patterns (filter setting) according to some other parameters (maxretry, etc.) and do something (action setting). If enabled = false, that jail is not used (that log file isn't monitored for that pattern, so the corresponding action will never run).