The one drawback to this method that I see (other than the above mentioned overhead) is that this script requires that the malicious user attempt to access a dynamic page that has the scripting enabled. If you are not able to add custom PHP code to error documents, this system would be almost useless. In addition, it creates a blind spot for images, scripts, media files, libraries and dynamic includes and other potential avenues of attack.

Generally speaking, if you have access to .htaccess, I would lean more toward creating a custom security log with a custom entry in the .htaccess file that will record the pertinent information. This method will allow all access attempts to be recorded with minimal overhead. The following .htaccess directive will generate a log similar to that explained in the tutorial. The log file will be created at /location/log.txt.

__________________
The best way to learn anything, is to question everything.