Thanks Peter !
No, no : I don't intend to ban on the notifications. I definitely wasn't clear on this. My two lines are meant to suppress the notification lines in the apache logs. There is, for a single user, one line per second added to the log. That's huge ! It not only bloats the log, it makes fail2ban scan loads of data that are good. I chose to suppress the line on apache-level instead of with an ignoreregex in fail2ban.
Protecting against brute force login attempts would be nice, but I don't see a 403 on wrong login. But I maybe try to hack up a new repeat-offender filter that checks for repeated login attempts.
Even better would be if one could rename the login page. If we had this, any attempt to reach index.php/site/login could be regarded as a hacking event.