If you suspect you are under attack from a specific IP address, you can block it from accessing your server by using a service like CloudFlare or by using security plugins if you're running WordPress.
However, if you wish to manually block an IP address, you can do so by adding the following to your app's .htaccess file:
<RequireAll> Require all granted Require not ip 220.127.116.11 </RequireAll>
Be sure to replace 18.104.22.168 with the IP address to be blocked.
You may block multiple IPs by repeating the line Require not ip 22.214.171.124 for each address you wish to block.
Apache also offers more information on configuring access control from your app's .htaccess file.