You’re not going to get them to stop attacking. You can investigate what it is they appear to be hitting - like a vulnerable script or a backdoor - and remove it or block access to it.
Nuclear option is to take the sites down. Create a new user - and do not copy files over to it, or re-use a database - and then assign the domains to that user.
Either re-install from scratch or take time to investigate and “clear” the previous version of the site files before copying files to the new user or re-using a database.
For blocking access, try using .htaccess and “deny from” directives to block IP addresses, or other directives to block based on the URL being requested.