Block requests from bots by pattern in apache with mod_rewrite. mod_rewrite not working

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{THE_REQUEST} ^.*(wpdffcontent)|(glitter_calendar)|(mp4:).* [NC]
RewriteRule ^(.*)$ - [F,L]
</IfModule>

This would need to go before your existing WordPress mod_rewrite directives, otherwise it is never going to be processed. (The WordPress front controller rewrites every request before your directives get a chance to run.) However, your directives should be written as a one-liner instead:

RewriteRule (?:wpdffcontent|glitter_calendar|mp4:) - [F]

No need for the <IfModule> wrapper (in fact, this should be omitted). RewriteEngine On only needs to occur once in the file (anywhere). It's more efficient to check the URL in the RewriteRule pattern, no need for an additional RewriteCond directive here. And no need for all the capturing groups (you have 4 capturing groups in your initial directives which are just an unecessary waste of resources). And the L is not required when using the F flag (L is effectively implied).

Only include the NC flag if you specifically need to block GliTTer_CALendar and GLITTER_calendar as well as glitter_calendar, etc. If all the requests are for glitter_calendar (all lowercase) then that is all you need to block.

However, I think it would be preferable to use a combination of mod_setenvif and mod_authz_host (Apache 2.2) to block these requests. (The block with mod_rewrite could be overridden if you had additional .htaccess files using mod_rewrite.)

For example:

SetEnvIf Request_URI "(?:wpdffcontent|glitter_calendar|mp4:)" blockit

Order Deny,Allow
Deny from env=blockit

Logically, any blocking directives should be the first things in your .htaccess file. Followed by canonical/external redirects, then internal rewrites (the original WordPress directives). However, if you have access to the server config (which you appear to have), then these should all go in your server config and disable .htaccess (ie. AllowOverride None).