# Fail2Ban filter for monit.conf, looks for failed access attempts # # [Definition] failregex = \]\s*error\s*:\s*Warning:\s+Client '' supplied unknown user '\w+' accessing monit httpd$ \]\s*error\s*:\s*Warning:\s+Client '' supplied wrong password for user '\w+' accessing monit httpd$