Welcome to WebmasterWorld Guest from 18.104.22.168
If there's any chance you blocked them via mod_rewrite
you could try running a RewriteLog and see what turns up. Just to confuse you, there's no on/off setting or LogLevel, you just have to specify a file. But it can't be done in htaccess, so you're looking at restarting your server
If the name does not begin with a slash ('/') then it is assumed to be relative to the Server Root. The directive should occur only once per server config.
Using a high value for Level will slow down your Apache server dramatically! Use the rewriting logfile at a Level greater than 2 only for debugging!
I really doubt you want to take the RewriteLog approach.
Look in the CP and Security Section for Deny IP.
When the actual bots visit, it's just 1 click and only the page they tried to reach shows up in the logs. The css/images, etc don't show up in the 403 logs.
I tried to access one of the pages the bots were looking for.
In the log, my visit showed up as broken images and i saw only the text/links of the 403 page.