To block bad bots you can use this htaccess code. The .* Regex characters means to match anything so if the bot has a version number after its name then the version number will be part of the bots name and using the .* will match the entire bots name and version number.
SetEnvIfNoCase User-Agent "^Bandit.*" bad_bot
SetEnvIfNoCase User-Agent "^Baiduspider.*" bad_bot
SetEnvIfNoCase User-Agent "^BatchFTP.*" bad_bot
SetEnvIfNoCase User-Agent "^Bigfoot.*" bad_bot
Order Allow,Deny
Allow from All
Deny from env=bad_bot
This type of htaccess code is stand-alone htaccess code so it can go at the bottom of your root .htaccess file. You can use the BPS Custom Code feature / tab page and add your custom bot blocking code to the text box, save your custom code, go to the BPS Security Modes page and click the Root Folder BulletProof Mode Activate button.