Along with access restrictions with the host address, .htaccess can restrict access by user agent
SetEnvIfNoCase User-Agent "OpenVAS" ua_key=on order allow,deny allow from all deny from env=ua_key deny from #ip address
Deny port scan attacks from OpenVAS etc. for now.
