[time4tea]

You can block CN, RU, SG, KR, and the level 3 from "ipsum" and the numbers go down a lot.

People might not know about ipset - dont use individual rules in iptables.

Nginx can reject easily based on country.

geoip2 /etc/GeoLite2-Country.mmdb { $geoip2_metadata_country_build metadata build_epoch; $geoip2_data_country_code default=Unknown source=$remote_addr country iso_code; }

  map $geoip2_data_country_code $allowed_country {
    default yes;
    KR no;
    SG no;
    CN no;
    RU no;
 }

server { .... if ($allowed_country = no) { return 444; } }