pbaddock - 11:08 pm on Feb 17, 2010 (gmt 0)
If you are worried about your htaccess being slow, or you want to block more than port80/http traffic, then you could always add the IP's to your firewall (iptables) .. this has more potential than just blocking http/port80 access, in that if you are repeatedly getting hack attempts on say ftp, telnet, ping or other, from China, Russia or anywhere else you can adequately block them.
For a recent DDOS I faced I had to do this. There are several ways to implement GEO IP lookup, script which inserts/modifies the firewall in a similar manner as to you adding to the .htaccess
for port 80, the benefit is that the traffic never even gets to start a http/apache process = no speed decrease.