Hi,
Fail2ban is a nice tool for reacting against attacks.
It can look into your Apache logfiles and search strange behaviour.
You can define cases digging for in those logfiles.
And fail2ban creates rules in iptables for blocking specific addresses.
http://www.fail2ban.org/wiki/index.php/Main_Page