diff --git a/config/filter.d/paperless-ngx.conf b/config/filter.d/paperless-ngx.conf
new file mode 100644
index 00000000..e2d17db0
--- /dev/null
+++ b/config/filter.d/paperless-ngx.conf
@@ -0,0 +1,9 @@
+# Fail2Ban filter for unsuccessful paperless-ngx authentication attempts
+# Logged in /var/log/paperless.log
+
+# Author: LearningSpot
+
+[Definition]
+
+failregex = ^\s*(?:\[\]\s*)?\[INFO\] \[paperless\.auth\] Login failed for user `<F-USER>\S+</F-USER>` from (private )?IP `<ADDR>`\.$
+ignoreregex =
diff --git a/config/jail.conf b/config/jail.conf
index 5d75f4f5..baa9e9d8 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -995,3 +995,7 @@ logpath = /var/log/daemon.log
 [vaultwarden]
 port = http,https
 logpath = /var/log/vaultwarden.log
+
+[paperless-ngx]
+port = http,https,8000
+logpath = /var/log/paperless.log
diff --git a/fail2ban/tests/files/logs/paperless-ngx b/fail2ban/tests/files/logs/paperless-ngx
new file mode 100644
index 00000000..b3688e52
--- /dev/null
+++ b/fail2ban/tests/files/logs/paperless-ngx
@@ -0,0 +1,5 @@
+# failJSON: { "time": "2024-08-30T16:26:55", "match": true , "host": "80.187.85.94" }
+[2024-08-30 16:26:55,139] [INFO] [paperless.auth] Login failed for user `testuser` from private IP `80.187.85.94`.
+
+# failJSON: { "time": "2024-08-30T17:44:54", "match": true , "host": "2001:db8::b6d3:95d7:1425:766d" }
+[2024-08-30 17:44:54,874] [INFO] [paperless.auth] Login failed for user `test6pub` from IP `2001:db8::b6d3:95d7:1425:766d`.