You could use a text file but I suggest you use a database solution. Establish the acceptable criteria and then redirect traffic that doesn't meet that criteria. In fact, it's simple enough to redirect the traffic back to the questionable IP. You could even apprend the redirect with a message if you so choose.

Then you could add problematic IPs to your .htaccess file at a later date. But the database solution will be quicker and probably use less resources than loading the .htaccess file each time.

__________________
I use Country IP Blocks as added security for my networks and servers.