Yes, the examples I posted above showed how I denied access *after* I got a whole series of attacks with successful 200 result code and many 'Gets' of a big page (approx 960KB).
Even tonite, he's hitting with another 30 or so attacks on the IPs which I have already denied.
I assume, he's doing this programmatically, and hasn't yet realized that I have denied those set of IPs.
When he *does* realize that, he start up a whole *new* set of IPs and keep pounding me with them until I Deny each and every one of them.
So, yes, the examples show me Denying them, but tomorrow, I'll have to look again and re-deny ...
btw, the page size that I 'serve', and that he 'downloads' to his client browser is (as I said above) more than 900k bytes. So, even though its not a actual 'download', it does stress my Apache server.
My actual downloads in the previous site where I folied him are all greater than 14 Megs