This is a good question. I did see someone over on Mastodon wondering about blocking IP ranges, but the consensus seemed to be that whack-a-mole security puts a high burden on admins.
Unfortunately I'm not technical enough to speak to anything specific to kbin