Auto blocking with suspicious URL attempts

What would be the best way to handle suspicious activity when someone or some bot is trying to access a non-existing (404) admin page such as “/wp-login.php” etc?