Gaia - 5:11 pm on Apr 2, 2013 (gmt 0)
Should be blocked by default? What does that mean? It is good practice to add them to the DENY table?
I generally avoid blocking an entire range because of one rogue IP. Singlehop, for example, is not a bad neighborhood. And Rackspace definitely isn't.
I already have another measure in place. modsecurity does a reverse DNS lookup (using a local DNS server) to verify if a client with a bot as UA is actually coming from a valid IP for that bot. Now I can stop manually blocking those guys...