Hi @lrnarasimhan, thanks for getting in touch!
Wordfence deals appropriately with IPs in real-time based on activity and intent. When they break rules in your settings, the firewall, or appear on our global blocklist then they will be blocked. If they aren’t doing enough to be blocked, a frequent level of activity from IPs all around the world is pretty normal to see in our experience. Usually they are doing so in a hit-and-hope manner with no advance knowledge of the platform or plugins your site is using. Keeping WordPress and your plugins regularly up-to-date and securing your admin accounts with complex passwords, 2FA, and/or reCAPTCHA should be sufficient to keep the site safe.
We generally believe a manual blocking regime is unnecessary, but you can attempt permanent blocks if you’re concerned about site speed or resources. If it’s not really affecting legitimate users and their experience on your site, they may not need to be permanently blocked and you can leave Wordfence to just continue dealing with them in real-time.
It is possible with the Premium version of the plugin to block or allow by country, but I am unable to discuss that further here as the forums are provided for the Free version of the plugin only. Please contact presales @ wordfence . com if you do want to discuss that, but for many customers the Free plugin is all they should ever need.
Many thanks,
Peter.
Thank you for the lay-of-the-land and for the options.
I have Recaptcha on comments, Akismet for comment spam filtering, autoupdates enabled, and Wordfence Free edition with a bunch of blocking rules but still get a lot of spam in the filter and a lot of bots trying assorted nonsense in hopes of finding some weakness. Maybe blocking entire countries is the way to go. This is a nocommercial blog with little to interest large chunks of the world except as a substrate for mischief.
I will contact presales and ask if there is an option to purchase the block-by-country feature.
