diff --git a/config/filter.d/nginx-bad-request.conf b/config/filter.d/nginx-bad-request.conf
new file mode 100644
index 00000000..ea26d56a
--- /dev/null
+++ b/config/filter.d/nginx-bad-request.conf
@@ -0,0 +1,13 @@
+# Fail2Ban filter to match bad requests to nginx
+#
+
+[Definition]
+
+# The request often doesn't contain a method, only some encoded garbage
+failregex = ^<HOST> \- \S+ \[\] \".+\" 400 .+$
+
+datepattern = {^LN-BEG}%%ExY(?P<_sep>[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)?
+              ^[^\[]*\[({DATE})
+              {^LN-BEG}
+
+# Author: Jan Przybylak