I suggest feature that blacklists whole subnets.
Some aggressive sites have been scanning my site long time. They hop from one IP address to another within a small range. Watching their pattern they stay usually within same 8..10 bits subnet in IPv4 and 64 bits subnet in IPv6.
There could be a new option to “merge” active blacklist entries. If there are two blacklist items within x bits subnet, they merge from individual adresses to one subnet blacklist.