Interesting way to block some attacks early. I'm curious to hear how many people use .htaccess like this for security. Seems like these attacks would be blocked regardless if you keep your server patched and use good application design/development principals (like never trusting user input, not using GET queries for destructive operations, etc.), no?