I’ve had some trouble on our production webservers from entire countries hammering and abusing the services we provide. It used to be a good chunk of Brazil, but now it appears to be Costa Rica.
Country = Costa Rica Decimal IP Range = 3361423360 - 3361456127 Dot IP Range = 18.104.22.168 - 22.214.171.124
From here, I use iptables and issue the following:
$IPTABLES -A INPUT -m iprange --src-range 126.96.36.199-188.8.131.52 -p tcp -m tcp --dport 80 -j DROP
No more abuse from that entire country on port 80.