diff --git a/html/sogo-centos-6-mysql.html b/html/sogo-centos-6-mysql.html
index dadcd0c8..372c06ec 100644
--- a/html/sogo-centos-6-mysql.html
+++ b/html/sogo-centos-6-mysql.html
@@ -112,7 +112,10 @@ for you, just replace MySQL username/password in this file, then it's done.</p>
     WOPort = 127.0.0.1:20000;
 
     // PID file
-    //WOPidFile = /var/log/sogo/sogo.log;
+    //WOPidFile = /var/run/sogo/sogo.log;
+
+    // Log file
+    //WOLogFile = /var/log/sogo/sogo.log;
 
     // IMAP connection pool.
     // Your performance will slightly increase, as you won't open a new
diff --git a/html/sogo-centos-6-openldap.html b/html/sogo-centos-6-openldap.html
index 7563be71..471bd253 100644
--- a/html/sogo-centos-6-openldap.html
+++ b/html/sogo-centos-6-openldap.html
@@ -109,7 +109,10 @@ basedn, bind dn/passwordthen in this file, then it's done.</p>
     WOPort = 127.0.0.1:20000;
 
     // PID file
-    //WOPidFile = /var/log/sogo/sogo.log;
+    //WOPidFile = /var/run/sogo/sogo.log;
+
+    // Log file
+    //WOLogFile = /var/log/sogo/sogo.log;
 
     // IMAP connection pool.
     // Your performance will slightly increase, as you won't open a new
diff --git a/html/upgrade.iredmail.0.9.0-0.9.1.html b/html/upgrade.iredmail.0.9.0-0.9.1.html
index ceb66921..7cc99c43 100644
--- a/html/upgrade.iredmail.0.9.0-0.9.1.html
+++ b/html/upgrade.iredmail.0.9.0-0.9.1.html
@@ -16,6 +16,7 @@
 <li><a href="#upgrade-iredmail-from-090-to-091">Upgrade iRedMail from 0.9.0 to 0.9.1</a><ul>
 <li><a href="#changelog">ChangeLog</a></li>
 <li><a href="#general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</a><ul>
+<li><a href="#optional-setup-fail2ban-to-monitor-password-failures-in-sogo-log-file">[OPTIONAL] Setup Fail2ban to monitor password failures in SOGo log file</a></li>
 <li><a href="#optional-add-one-more-fail2ban-filter-to-help-catch-spam">[OPTIONAL] Add one more Fail2ban filter to help catch spam</a></li>
 <li><a href="#optional-fixed-return-receipt-response-rejected-by-iredapd-plugin-reject_null_sender">[OPTIONAL] Fixed: return receipt response rejected by iRedAPD plugin reject_null_sender</a></li>
 <li><a href="#fixed-cannot-run-php-script-under-web-document-root-with-nginx">Fixed: Cannot run PHP script under web document root with Nginx.</a></li>
@@ -43,6 +44,7 @@
 <p><strong>WARNING: Still working in progress, do <em>NOT</em> apply it.</strong></p>
 <h2 id="changelog">ChangeLog</h2>
 <ul>
+<li>2015-02-11: [All backends] [<strong>OPTIONAL</strong>] Setup Fail2ban to monitor password failures in SOGo log file.</li>
 <li>2015-02-11: [All backends] Fixed: Cannot run PHP script under web document root with Nginx.</li>
 <li>2015-02-09: [All backends] [<strong>OPTIONAL</strong>] Add one more Fail2ban filter to help catch spam.</li>
 <li>2015-02-04: [All backends] [<strong>OPTIONAL</strong>] Fixed: return receipt response rejected
@@ -54,6 +56,21 @@
               SQL query file while acting as SASL server.</li>
 </ul>
 <h2 id="general-all-backends-should-apply-these-steps">General (All backends should apply these steps)</h2>
+<h3 id="optional-setup-fail2ban-to-monitor-password-failures-in-sogo-log-file">[<strong>OPTIONAL</strong>] Setup Fail2ban to monitor password failures in SOGo log file</h3>
+<p>To improve server security, we'd better block clients which have too many
+failed login attempts from SOGo.</p>
+<p>Please append below lines in Fail2ban main config file <code>/etc/fail2ban/jail.local</code>:</p>
+<pre><code>[SOGo]
+enabled     = true
+filter      = sogo-auth
+port        = http, https
+# without proxy this would be:
+# port    = 20000
+action      = iptables-multiport[name=SOGo, port=&quot;http,https&quot;, protocol=tcp]
+logpath     = /var/log/sogo/sogo.log
+</code></pre>
+
+<p>Restarting Fail2ban service is required.</p>
 <h3 id="optional-add-one-more-fail2ban-filter-to-help-catch-spam">[OPTIONAL] Add one more Fail2ban filter to help catch spam</h3>
 <p>We have a new Fail2ban filter to help catch spam, it will scan HELO rejections
 in Postfix log file and invoke iptables to ban client IP address.</p>
@@ -74,6 +91,7 @@ failregex = \[&lt;HOST&gt;\]: SASL (PLAIN|LOGIN) authentication failed
 ignoreregex =
 </code></pre>
 
+<p>Restarting Fail2ban service is required.</p>
 <h3 id="optional-fixed-return-receipt-response-rejected-by-iredapd-plugin-reject_null_sender">[OPTIONAL] Fixed: return receipt response rejected by iRedAPD plugin <code>reject_null_sender</code></h3>
 <p>Note: this is applicable if you want to keep iRedAPD plugin <code>reject_null_sender</code>
 but still able to send return receipt with Roundcube webmail.</p>
diff --git a/integrations/0-sogo-centos-6-mysql.md b/integrations/0-sogo-centos-6-mysql.md
index ad14caa7..5085bf73 100644
--- a/integrations/0-sogo-centos-6-mysql.md
+++ b/integrations/0-sogo-centos-6-mysql.md
@@ -93,7 +93,10 @@ With below config file, SOGo will listen on address `127.0.0.1`, port `20000`.
     WOPort = 127.0.0.1:20000;
 
     // PID file
-    //WOPidFile = /var/log/sogo/sogo.log;
+    //WOPidFile = /var/run/sogo/sogo.log;
+
+    // Log file
+    //WOLogFile = /var/log/sogo/sogo.log;
 
     // IMAP connection pool.
     // Your performance will slightly increase, as you won't open a new
diff --git a/integrations/0-sogo-centos-6-openldap.md b/integrations/0-sogo-centos-6-openldap.md
index 3f0246b6..40bf5819 100644
--- a/integrations/0-sogo-centos-6-openldap.md
+++ b/integrations/0-sogo-centos-6-openldap.md
@@ -90,7 +90,10 @@ With below config file, SOGo will listen on address `127.0.0.1`, port `20000`.
     WOPort = 127.0.0.1:20000;
 
     // PID file
-    //WOPidFile = /var/log/sogo/sogo.log;
+    //WOPidFile = /var/run/sogo/sogo.log;
+
+    // Log file
+    //WOLogFile = /var/log/sogo/sogo.log;
 
     // IMAP connection pool.
     // Your performance will slightly increase, as you won't open a new
diff --git a/upgrade/0-upgrade.iredmail.0.9.0-0.9.1.md b/upgrade/0-upgrade.iredmail.0.9.0-0.9.1.md
index 026aa362..4817d234 100644
--- a/upgrade/0-upgrade.iredmail.0.9.0-0.9.1.md
+++ b/upgrade/0-upgrade.iredmail.0.9.0-0.9.1.md
@@ -7,6 +7,7 @@ __WARNING: Still working in progress, do _NOT_ apply it.__
 
 ## ChangeLog
 
+* 2015-02-11: [All backends] [__OPTIONAL__] Setup Fail2ban to monitor password failures in SOGo log file.
 * 2015-02-11: [All backends] Fixed: Cannot run PHP script under web document root with Nginx.
 * 2015-02-09: [All backends] [__OPTIONAL__] Add one more Fail2ban filter to help catch spam.
 * 2015-02-04: [All backends] [__OPTIONAL__] Fixed: return receipt response rejected
@@ -19,6 +20,26 @@ __WARNING: Still working in progress, do _NOT_ apply it.__
 
 ## General (All backends should apply these steps)
 
+### [__OPTIONAL__] Setup Fail2ban to monitor password failures in SOGo log file
+
+To improve server security, we'd better block clients which have too many
+failed login attempts from SOGo.
+
+Please append below lines in Fail2ban main config file `/etc/fail2ban/jail.local`:
+
+```
+[SOGo]
+enabled     = true
+filter      = sogo-auth
+port        = http, https
+# without proxy this would be:
+# port    = 20000
+action      = iptables-multiport[name=SOGo, port="http,https", protocol=tcp]
+logpath     = /var/log/sogo/sogo.log
+```
+
+Restarting Fail2ban service is required.
+
 ### [OPTIONAL] Add one more Fail2ban filter to help catch spam
 
 We have a new Fail2ban filter to help catch spam, it will scan HELO rejections
@@ -45,6 +66,8 @@ failregex = \[<HOST>\]: SASL (PLAIN|LOGIN) authentication failed
 ignoreregex =
 ```
 
+Restarting Fail2ban service is required.
+
 ### [OPTIONAL] Fixed: return receipt response rejected by iRedAPD plugin `reject_null_sender`
 
 Note: this is applicable if you want to keep iRedAPD plugin `reject_null_sender`
