Really? A Single Bad "Deny From" IP Range Breaks htaccess? Noooooo!

xxx.xx.xxx.0/18 Good but xxx.xx.xxx.0/255 Breaks htaccess

         

Webwork

6:48 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



If I had any hair left I would have just pulled out a chunk of it. Serves me right for playing with "anything code".

My lovely little htaccess file was working nicely . . until I added a collection of AWS IP addresses.

Apparently, I "got one wrong". Instead of xxx.xx.xxx.0/18 I inserted xxx.xx.xxx.0/255

Result?

This webpage has a redirect loop
ERR_TOO_MANY_REDIRECTS

Forgive me, but HOW THE FRICKITYFRACK is this possible? Is it "just me" OR is this a known danger of blocking IP addresses? You get one wrong and your whole website (WordPress) craps out? Really? Something HAS to be wrong about this being wrong on my server. I mean, can't Apache just ignore one $hittyLittleIPAddy?

Really. All I had to do was change a single IP range and . . voila! . . working website. I cannot fathom this.

lucy24

8:28 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> can't Apache just ignore one $hittyLittleIPAddy?

Nope :)

Last time I made a mistake in htaccess, it was an accidentally inserted comma in a "Deny from" list. It didn't out-and-out break anything ... but it did throw the whole site into "lookups" mode, which makes access logs pretty well unreadable.

Where did you insert your /255? Is this in 2.4 where, if you jump through the correct hoops, you can use CIDR ranges with mod_rewrite?

:: detour to look up ::

Oh, right. You can't even say /255. It has to be /255.aa.bb.cc

Crystal ball says there was a rule with condition along the lines of "if visitor is NOT from blahblah, take suchandsuch action" and, since blahblah includes an option that can never occur, the same action was taken over and over again.

Webwork

8:37 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Thx Lucy.

Is Apache 2.4. Added the IP addresses in website -> public_html -> htaccess. I was afraid of entering the list via WHM "Pre VirtualHost Include" for fear that I might blow up the entire server. Bad idea? Good? Better now that I "fixed the error of my ways" -> that is, go back and upload this via WHM so it covers all virtuals on my VPS?

Can I borrow your crystal ball? Maybe with a bit of spit and polish I can look deeply into it and see exactly what happened, where and how. That would be nice. I'm used to computers (mostly) being black boxes that break and then won't tell me where to put the Bandaid.

Webwork

9:41 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



For the benefit of those who also are struggling to learn here's the error message from cPanel -> Error Log:


[Tue Feb 23 14:42:28.047083 2016] [core:alert] [pid 9585] [client 71.168.240.53:55148] /home/cpyoung1/public_html/.htaccess: The specified network mask is invalid.
[Tue Feb 23 14:42:27.945809 2016] [core:alert] [pid 9581] [client 71.168.240.53:55147] /home/cpyoung1/public_html/.htaccess: The specified network mask is invalid.
[Tue Feb 23 14:42:27.941502 2016] [core:alert] [pid 9581] [client 71.168.240.53:55147] /home/cpyoung1/public_html/.htaccess: The specified network mask is invalid.


A search of the error message, which "post panic", I discovered and searched, led to various forum threads and discussions around the WWW confirming that an error in an IP range (CIDR?) in htaccess can take down a website. Argh. Who woulda thunk?!

lucy24

10:53 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> Who woulda thunk?!

Indeed. Was the invalid netmask actually in a Deny list (it's called something else in 2.4, probably involving "Require", but you know what I mean) or in some other context entirely? Did the problem happen universally, or only on requests that potentially matched some aspect of the rule?

> an error in an IP range (CIDR?) in htaccess can take down a website

Urk. I have to say the exact nature of the error is perplexing. Normally when you make a mistake, it becomes "take down a website" in the absolute sense, where all requests receive a 500 error. Which is why we all need test sites. This one is more of a "makes the website behave in an unexpected manner"-- at which point things get recursive, since the reaction itself is unexpected.

In the regular access logs, what numerical response was returned? (Loose analogy which, ahem, cough-cough, I've personally experienced: An error in one place prevented the server from returning the 403 document. But it still managed to give the request a 403 response, which of course was the important thing.)

Advance notice: None of these questions mean I will end up being able to explain it. There's a reason I keep saying I don't speak Apache. But the more information, the better.

not2easy

11:08 pm on Feb 23, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



I've done this. Sometimes it takes a while to determine where the error is. I always keep a copy of the working file I started with that I can ftp back "just in case" and have used it. Usually happens when I'm working on a file in bits and pieces or "almost done" way past time to quit. I think I once ended a CIDR with an extra '.' like (example) "11.22.33.0/.24" - oops.

Yes, your site can be unusable. :( Apache's way of trying to motivate me to pay more attention.

Webwork

2:03 pm on Feb 26, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



A particular pain point in this process was that the list of IP addresses was l...o...n...g, so finding the culprit was a bit like finding a needle in a haystack.

I'm currently searching for the best online free IP->IPrange or CIDR utility. If y'all have any suggestions I'm open to a PM or, if allowed, a post here.
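
Added example (not part of the thread and not Apache's own code): a small pre-upload check that scans .htaccess text for `Deny from`, `Allow from` and `Require ip` lines and reports, by line number, every address/mask token that does not parse as a network, so the one bad entry in a long list can be found before it reaches the server. The function name and sample file are constructed for illustration; it assumes networks are written as a full address plus `/prefix` or `/netmask`, and it does not check single IPs, partial IPs or hostnames.

```python
import ipaddress
import re

# Access-control directives that take IP/network arguments
# (Apache 2.2 "Allow/Deny from" and Apache 2.4 "Require [not] ip").
DIRECTIVE = re.compile(
    r"^\s*(?:(?:deny|allow)\s+from|require\s+(?:not\s+)?ip)\s+(.+)$",
    re.IGNORECASE,
)


def find_bad_networks(htaccess_text):
    """Return (line_number, token, reason) for each address/mask token
    that does not parse as an IPv4 or IPv6 network."""
    problems = []
    for lineno, line in enumerate(htaccess_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # comment line
        match = DIRECTIVE.match(line)
        if not match:
            continue
        for token in match.group(1).split():
            if "/" not in token:
                continue  # single IPs, hostnames, "all": not checked here
            try:
                # strict=False: host bits set in the address are tolerated
                ipaddress.ip_network(token, strict=False)
            except ValueError as exc:
                problems.append((lineno, token, str(exc)))
    return problems


# Constructed sample using documentation address ranges.
SAMPLE = """\
# constructed sample, not a real block list
Order Allow,Deny
Allow from all
Deny from 192.0.2.0/24 198.51.100.0/18
Deny from 203.0.113.0/255
Deny from 192.0.2.128/.24
Deny from 198.51.100.0/255.255.192.0
"""

if __name__ == "__main__":
    for lineno, token, reason in find_bad_networks(SAMPLE):
        print(f"line {lineno}: {token}: {reason}")
```

Run against the sample, it flags lines 5 and 6 (the `/255` and `/.24` entries) and passes the `/18`, `/24` and dotted-netmask entries.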