When I first started playing with blacklists and whitelists, I set up static tables for PF. But I found, over time, that the DNS-based block lists were much easier to use, as I didn't have to maintain them; someone else had that chore.
But the lists I use today are strictly for SPAM, and would not be applicable to website abuse or attacks.
I have no advice in this area, other than to recommend you Google for web abuse block lists, and research a few that seem to meet your needs.
|