Fail2ban can be used to block users after a number of failed login attempts. It works by monitoring the apache access log for invalid logins.

  1. Make sure fail2ban is installed and enabled on your server.

  2. Add the filter definition to /etc/fail2ban/filter.d/groupoffice.conf:

    failregex = <HOST> - - .*auth.php.* 401\s
    ignoreregex =
  3. Define the jail in /etc/fail2ban/jail.d/groupoffice.conf:

    enabled = true
    port = http,https
    filter = groupoffice
    logpath = /var/log/apache2/access.log
    maxretry = 3


    Make sure the “logpath” value is set to the access log of the webserver.

For more information about Fail2ban and the configuration of it visit


This works from 6.3.62 and up.


If you use the Group-Office mailserver then also enable the sasl, dovecot and postfix filters.