diff --git a/config/filter.d/monit.conf b/config/filter.d/monit.conf
new file mode 100644
index 00000000..f32eae61
--- /dev/null
+++ b/config/filter.d/monit.conf
@@ -0,0 +1,18 @@
+# Fail2Ban filter for monit.conf, looks for failed access attempts
+#
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+# Samples:
+# [PDT Apr 16 20:59:11] error : Warning: Client '1.2.3.4' supplied unknown user 'foo' accessing monit httpd
+# [PDT Apr 16 20:59:33] error : Warning: Client '1.2.3.4' supplied wrong password for user 'admin' accessing monit httpd
+
+failregex = Warning: Client '' supplied
+
+ignoreregex =
diff --git a/config/jail.conf b/config/jail.conf
index 96b3096f..7f7a7cbe 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -366,6 +366,12 @@ maxretry = 5 port = http,https logpath = /var/log/tomcat*/catalina.out +[monit] +#Ban clients brute-forcing the monit gui login +filter = monit +port = 2812 +logpath = /var/log/monit + [webmin-auth]
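Review bot: The `failregex` in the new config/filter.d/monit.conf is unanchored and matches only the fragment `Warning: Client '…' supplied`, so any line in the monit log containing that text counts as a failure for whatever address is captured. The user name in both sample lines is supplied by the client, so the pattern is safer anchored at both ends and limited to the two sampled messages, for example `failregex = ^\[[^\]]*\]\s+error\s*:\s+Warning: Client '<HOST>' supplied (?:unknown user|wrong password for user) '.*' accessing monit httpd$`. As displayed, the quotes after `Client` are empty; this is probably the `<HOST>` tag lost in rendering, but if the file really reads `''`, fail2ban has no address to ban. Whatever form is chosen should be checked with fail2ban-regex against the two sample lines, since the date detector may strip part of the bracketed timestamp before the pattern is applied.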