i guess the immediate answer might be to rename halt... but that would presumably break other dependent scripts.
I've not tried it but i'd suggest setting a login level alias, which i *think* will take precendence over files.
Code:
export alias halt='echo you're on the main server, fool.... use the absolute path to really run halt'
i can't see why that would affect anythign outside of your login shell, so anything calling halt as root would get the real deal /bin/halt. but when logged in as root (i'm assuming that alias is done in /root/.bashrc btw.) then running "halt" without thinking will give a pleasantly goading message, rather than taking the server down, requiring /bin/halt to be required explictly to kill the box.
now comes the part where someone says that's drivel.....
but then again, it's down to being careful... but in an official way, i.e you shouldn't BE root in the first place, you should be sudoing etc... and not have access to halt as your sudoer, but only as real root. so while your sudo user can "rm -rf /home" they can't shut the machine down by mistake.