Edit file File name : drupal-auth.conf Content :# Fail2Ban filter to block repeated failed login attempts to Drupal site(s) # # # Drupal must be setup to use Syslog, which defaults to the following format: # # !base_url|!timestamp|!type|!ip|!request_uri|!referer|!uid|!link|!message # # [INCLUDES] before = common.conf [Definition] failregex = ^%(__prefix_line)s(https?:\/\/)([\da-z\.-]+)\.([a-z\.]{2,6})(\/[\w\.-]+)*\|\d{10}\|user\|<HOST>\|.+\|.+\|\d\|.*\|Login attempt failed for .+\.$ ignoreregex = # DEV Notes: # # https://www.drupal.org/documentation/modules/syslog # # Author: Lee Clemens Save