diff --git a/ChangeLog b/ChangeLog
index f7ef95ac..127044d8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -46,6 +46,7 @@ ver. 0.8.12 (2013/12/XX) - things-can-only-get-better Daniel Black * filter.d/solid-pop3d -- added thanks to Jacques Lav!gnotte on mailinglist. + * Add filter for apache-modsecurity Bas van den Dikkenberg & Steven Hiscocks * filter.d/nsd.conf -- also amended Unix date template to match nsd format
diff --git a/config/filter.d/apache-modsecurity.conf b/config/filter.d/apache-modsecurity.conf
new file mode 100644
index 00000000..ad7e9b24
--- /dev/null
+++ b/config/filter.d/apache-modsecurity.conf
@@ -0,0 +1,18 @@
+# Fail2Ban apache-modsec filter
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# apache-common.local
+before = apache-common.conf
+
+[Definition]
+
+
+failregex = ^%(_apache_error_client)s ModSecurity: (\[.*?\] )*Access denied with code [45]\d\d.*$
+
+ignoreregex =
+
+# https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-2-Data-Formats
+# Author: Daniel Black
diff --git a/config/jail.conf b/config/jail.conf
index cdcad990..8104f464 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -187,6 +187,17 @@ logpath = /var/log/apache*/*error.log
 maxretry = 6
+[apache-modsecurity]
+
+enabled = false
+filter = apache-modsecurity
+action = iptables-multiport[name=apache-modsecurity,port="80,443"]
+logpath = /var/log/apache*/*error.log
+ /home/www/myhomepage/error.log
+maxretry = 2
+
+
+[nginx-http-auth]
 [nginx-http-auth]
 enabled = false
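Review bot: The `(\[.*?\] )*` group in `failregex` nests a lazy `.*?` inside a repeated group, so a line that carries several bracketed fields after `ModSecurity: ` but is not an `Access denied` entry can be partitioned in many ways before the match fails, and the backtracking cost grows quickly with the number of fields. Those fields hold request-derived values, so the amount of work per log line is partly under the client's control. Bounding each field, for example `(\[[^]]*\] )*`, removes the ambiguity, provided sample log lines confirm that no field value contains `]`. The ban target comes from `<HOST>`, which is presumably supplied by `_apache_error_client` in apache-common.conf (not shown here), so a one-line comment above `failregex` saying so would help; the header comment also says `apache-modsec` where the file is named `apache-modsecurity`.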
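Review bot: The last added line of the jail.conf hunk is a second `[nginx-http-auth]` header, placed directly before the existing one that follows as context, so as far as the collapsed hunk shows the new file carries that section header twice. Depending on the parser's strictness a repeated header is either merged silently or rejected, so the added `+[nginx-http-auth]` line should be dropped and the new jail left to end with its blank lines. Separately, `maxretry = 2` is paired with a filter that matches every 4xx/5xx ModSecurity denial, so two false-positive rule hits ban a legitimate client, or everyone behind a shared address. A comment above it such as `# low threshold: tune ModSecurity rules for false positives before enabling` would make that trade-off visible.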