I recommend Fail2Ban. This is a script that watches logfiles for any patterns (e.g. failed logins) and creates then a firewall rule to prevent that IP to access your server. You can configure how many failed logins are necessary and for how long the access should be denied before the firewall rule is removed.
With fail2ban you can also watch ssh logins, mail accounts or event your own web-application logfile for malicious logins/behaviour.
As a general hint: rename your root
/admin
account to something else, so that they will never success anyway and change the public mysql port of your server (which is both just obscurity, but no real security). Also you should disable remote login for accounts (which is security).