fail2ban/config/filter.d/webmin-auth.conf

# Fail2Ban configuration file
#
# Author: Cyril Jaquier
# Rule by : Delvit Guillaume
#
#

[INCLUDES]

before = common.conf

[Definition]

_daemon = webmin

[Definition]

# patern :      webmin[15673]: Non-existent login as toto from 86.0.6.217
#               webmin[29544]: Invalid login as root from 86.0.6.217
#
failregex = ^%(__prefix_line)sNon-existent login as .+ from <HOST>\s*$
            ^%(__prefix_line)sInvalid login as .+ from <HOST>\s*$

ignoreregex =