diff --git a/docs/hardening/anti-bruteforce/wp-auth.conf b/docs/hardening/anti-bruteforce/wp-auth.conf
index 2acad450ca7f5f8a41f38a4e45a91418f9478c60..1fc420c87d36994c5f3b1c2bff0dd5c7b2717c4f 100644
--- a/docs/hardening/anti-bruteforce/wp-auth.conf
+++ b/docs/hardening/anti-bruteforce/wp-auth.conf
@@ -2,4 +2,9 @@
 # This goes into /etc/fail2ban/filter.d/wp-auth.conf
 #
 [Definition]
- failregex = ^<HOST> .* "POST /wp-login.php
\ No newline at end of file
+failregex = ^<HOST> .* "POST /wp-login.php
+            ^<HOST> .* "POST /wordpress/wp-login.php
+            ^<HOST> .* "POST /wp/wp-login.php
+            ^<HOST> .* "GET /login_page.php
+#ignoreregex = 
+ 
\ No newline at end of file