This problem seems to be growing worse by the month. More bots scanning sites eating resources. It would be nice to have a 'blacklist' of bots we want to ban at the server level. The closest thing I have found is in this article using a modsec rule and fail2ban.
See attached URL.
This is starting to get out of control and causing CPU to remain far above average rates.