wfasa on "[Plugin: Wordfence Security] Scanning Stops"

Hello Mighty Good,
it's difficult to make general rules about what exactly should be blocked because every site has it's own target audience. Any specific block rule must be weighed against the risk of blocking legit traffic.

I would suggest you look for pattes in the unwanted traffic you are having on your site and add rules based on that in your Wordfence settings. For example, check "Pages not found" in the Live Traffic view. Are there some strange requests for pages that do not exist and that you know should never be directly requested there? If so, you can add the last part of the URLs in Options/Other options/Immediately block IP's that access these URLs.

What invalid useames are people using to try to bruteforce in to your site? You can find that information under Live Traffics "Logins and logouts". Add those useames to Options/Login Security Options/Immediately block the IP of users who try to sign in as these useames. You can also select to "Immediately lock out invalid useames" though that might cause unwanted blocks by people who type in the wrong useame by accident.

You can also tweak your rate limiting rules to block more traffic. You can find information about recommended settings here.