You should not rely on blocking specific IP addresses to mitigate hacking attempts. To make your system secure, it should be protected against hacking from ANY IP address. You should block access to all ports except for the ports which are used.
For example, when you provide a web service, allow port 80, and only allow it to communicate directly with a web server which is designed to be secure.
IP/user blocking is useful in protecting against denial of service attacks. But this may be regarded as an issue distinct from security issues.
To protect a website against hacking attempts, you must be careful in the code which you allow the public to access, for example, careful programming to prevent SQL injection, or authentication bugs. This is completely domain-specific. For example, a different set of skills may need to be applied to protect different web services, eg. ssh. Luckily, most pre-packaged software that you may use are usually carefully designed to be secure. You can help with this by updating applications you do use to the latest tiny release in the version you use.