Is Black Listing an IP enough?

While working in the admin dashboard earlier this morning, I noticed it was moving at a snail’s pace. Only after talking with the web host did we determine that the slow down was from an onslaught of bot attacks from a few IPs and it was maxing out the CPU on my server. I black listed those IPs in WP Cerber… Is that enough to stop the attack? Or is there something else I need to do? In other words, does black listing block the IP from ever being able to hit my site?

The reason I’m asking this is because although black listed, malicious activity is still being registered:

it is enough. they can visit your adres only they don’t get acces . error 404

Is there any way to automatically black list IPs when these types of events are triggered?

Generally, it is not necessary to block users. However, if you are considering this, it is possible to add this functionality in the purchased version of the product (I think). What you can do here, though, is extend the block duration for users. under ‘main settings’ chose 'Mitigate aggressive attempts ’ example lockout duration to
99
hours after
2
lockouts in the last
1 or 2 hours

Ok, thank you for the help!