Stopping directory traversal attacks. ( …/../../../../../../../../proc/self/environ%00 type stuff)
Blocking known bad IP addresses, and hostnames from accessing your site. Sure that can be done by .htaccess, but .htaccess is incredibly slow, and processor intensive, especially when checking hostnames, as it has to re-poll the server variable every time it wants to do a check.
Stopping known bad user agents (many skript kiddies can't get around this).
Deterring content theft and keyword scraping. Many of the functions above will work in concert with this goal.
Stopping registrations and logins from known insecure networks and known spammers (via remote DB lookup), but allow non-registered read only access (TOR and known spammers).