Create the following filter for wp-login in /etc/fail2ban/filter.d/wp-login.conf
[Definition] failregex = ^<HOST> .* "POST /wp-login.php ignoreregex =
[wp-login] enabled = true port = http,https filter = wp-login logpath = %(nginx_access_log)s maxretry = 4 findtime = 7200 # bantime: 1 year bantime = 31536000