diff --git a/CHANGELOG b/CHANGELOG
index 1cc72723b..59417a311 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -20,6 +20,8 @@ ver. 0.8.1 (2007/??/??) - stable
   Christian Rauch
 - Tightening up the pid check in redhat-initd. Thanks to
   David Nutter
+- Added webmin authentication filter. Thanks to Guillaume
+  Delvit
 
 ver. 0.8.0 (2007/05/03) - stable
 ----------
diff --git a/MANIFEST b/MANIFEST
index b4a3a6984..b91adaa88 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -74,6 +74,7 @@ config/filter.d/sasl.conf
 config/filter.d/sshd.conf
 config/filter.d/sshd-ddos.conf
 config/filter.d/vsftpd.conf
+config/filter.d/webmin-auth.conf
 config/filter.d/wuftpd.conf
 config/action.d/hostsdeny.conf
 config/action.d/ipfw.conf
diff --git a/config/filter.d/webmin-auth.conf b/config/filter.d/webmin-auth.conf
new file mode 100644
index 000000000..ddf081ea1
--- /dev/null
+++ b/config/filter.d/webmin-auth.conf
@@ -0,0 +1,28 @@
+# Fail2Ban configuration file
+#
+# Author: Cyril Jaquier
+# Rule by : Delvit Guillaume
+#
+# $Revision$
+#
+
+[Definition]
+
+# patern :      webmin[15673]: Non-existent login as toto from 86.0.6.217
+#               webmin[29544]: Invalid login as root from 86.0.6.217
+#
+# Option:  failregex
+# Notes.:  regex to match the password failure messages in the logfile. The
+#          host must be matched by a group named "host". The tag "<HOST>" can
+#          be used for standard IP/hostname matching and is only an alias for
+#          (?:::f{4,6}:)?(?P<host>\S+)
+# Values:  TEXT
+#
+failregex = webmin.* Non-existent login as .+ from <HOST>$
+            webmin.* Invalid login as .+ from <HOST>$
+
+# Option:  ignoreregex
+# Notes.:  regex to ignore. If this regex matches, the line is ignored.
+# Values:  TEXT
+#
+ignoreregex =