I'm kind of surprised nobody has mentioned just using the server firewall? Unless you don't have access to it, that would get my vote of confidence before worrying about the httpd deny and allow rules.

You could utilize your php.ini's auto_prepend_file for this purpose, but no matter how fancy your script, it will only block folks from directly accessing your pages, they could still easily send hits to your images and other media files.

Your best bet if you're unsure how to proceed is to contact your hosting provider and ask them what course of action they would suggest.

@Tekwiz, glad you had a chance to bring your side of the story in, but with no offense intended please remember that we're completely uninterested in bringing outside issues into the these forums. We're just here to provide help with PHP and related technologies. :D