Your hosting place may have an IP Blocking via the cPanel; you could use that.
And there are various plugins that will do it also.
You could also do it with the htaccess file in the root of your WP installation; place these lines before the WordPress lines:
order allow,deny deny from 127.0.0.1 allow from all
Change the IP address as needed.
Added
If you want to block access to specific files, then look at the answer here: https://stackoverflow.com/questions/11728976/how-to-deny-access-to-a-file-in-htaccess .
And this answer tells how to block specific IP addresses to specific files: https://stackoverflow.com/questions/3604526/htaccess-how-to-restrict-access-to-a-single-file-by-ip
Note that hackers often change their IP address, so your blocking may not be effective.
I’d also ensure that the plugins/themes being attacked don’t have vulnerabilities that would make the ‘attack’ successful. For that, you need to contact the plugin/theme support.
And, unless there are DDOS-type attacking going on against your site, the effort to block may not be worth it.