Jim Walker (The Hack Repair Guy) offers something very valuable to prevent a possibility of a hack: a comprehensive list of bad bots. With a simple directive in the .htaccess file you can hide your site from all bots in the list or edit the list to suite your preferences.
The “bad bots” name is not exactly accurate as it also includes bots that belong to legitimate organizations like McAfee, Mozilla, etc., so it pays to go through the list and removing anything you do not agree with. Alternatively, you may want to add your own items to the list if you identify a new attacker from your access logs; Jim shows you how to do that. But for the majority of us, the list is great as it is.
My favorite security plugin for WordPress, Better WP Security, allows to activate Jim’s bad bot list under Ban Users > Enable Default Banned List. So if your web site is powered by WordPress, it’s even easier to repel bad (and any unwanted) bots.