Hi Ben,
You are right. I tried mod_headers and it does a good job, but only on valid headers.
For the 400 ones, the log is the last place where I get to see them, every attempt to handle them fails.
@Sigitas had the idea of using a proxy between the Apache and the Internet, to filter traffic and intercept the invalid requests in an attempt to fix them.
I find this very time consuming and I see it as a workaround for the real problem. Yet, I don’t see any other solution.