RewriteCond with a simple list?

Dan99

6:37 pm on Mar 15, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



OK so I want to specify a list of IPs in RewriteCond. For a list of five (herein anonymized) IPs I need to do this.

RewriteCond %{REMOTE_ADDR} ^17\.19\.7\.14$ [OR]
RewriteCond %{REMOTE_ADDR} ^73\.13\.36\.142$ [OR]
RewriteCond %{REMOTE_ADDR} ^174\.25\.26\.68$ [OR]
RewriteCond %{REMOTE_ADDR} ^192\.156\.27\.50$ [OR]
RewriteCond %{REMOTE_ADDR} ^74\.61\.24\.174$

But is there a way of doing it with just a simple table of IPs? Like

17.19.7.14
73.13.36.142
174.25.26.68
192.156.27.50
74.61.24.174

Manually assembling such RewriteCond statements from such a list of IPs by editing in backslashes is a big job. If you have a few dozen IPs, it'll take hours! Also if you want to search for 73.13.36.142 in your htaccess file you won't find it with any simple search if it looks like 73\.13\.36\.142. Excuse my lack of knowledge. You'd think there must be an easy way to handle this. I'm talking about random specific IPs. Not ranges of IPs.

wilderness

7:38 pm on Mar 15, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



The simplest solution is to keep your IPs organized sequentially.

17.19.7.14
174.25.26.68
192.156.27.50
73.13.36.142
74.61.24.174

> Manually assembling such RewriteCond statements from such a list of IPs by editing in backslashes is a big job. If you have a few dozen IPs, it'll take hours!


A gross exaggeration!

FWIW, using IPs to the precise IP and/or Class D will have you chasing your tail with an unmanageable quantity before the first sun sets.
An alternative is to use IP ranges with other multiple conditions based upon both UA and/or another condition.

Dan99

7:54 pm on Mar 15, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



I'm not sure how organizing them sequentially makes any difference. Where do you put that sequential order so RewriteCond can find it?

No, it's a fact, not an exaggeration. I guess I could do up a script that would input a long list of IPs and spit out a long file of RewriteCond statements and then paste that file in my htaccess. I guess I could make up another script to examine my htaccess and look for a particular IP so formatted. Just wondering if there is an easier way.

It's also a fact that it's trivial to come up with lists of IPs with no commonality in other "multiple conditions", and it's not hard to make them sequential if that floats your boat. Using other conditions simply doesn't apply. If it did I'd sure use them. I want Joe and Sara to be sent here, and Peter and Jill to be sent there.

not2easy

8:11 pm on Mar 15, 2016 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



It sounds like "cookies" would do the job even when Joe or Peter were on a different computer. But assuming you know exactly what you want to do, the order makes a small difference whenever the server has to examine conditions. It is more efficient to keep them in sequence also for the day when Joe moves or has a new IP and you need to find the old one to update it. The list you have here would be better as:
RewriteCond %{REMOTE_ADDR} ^17\.19\.7\.14$ [OR]
RewriteCond %{REMOTE_ADDR} ^73\.13\.36\.142$ [OR]
RewriteCond %{REMOTE_ADDR} ^74\.61\.24\.174$ [OR]
RewriteCond %{REMOTE_ADDR} ^174\.25\.26\.68$ [OR]
RewriteCond %{REMOTE_ADDR} ^192\.156\.27\.50$

In other words, the sequential order is entered during creation of the rule.

Dan99

8:22 pm on Mar 15, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



Thanks. Although the question is whether I really have to create individual statements in that format at all. It would be so handy if RewriteCond %{REMOTE_ADDR} could just be told to go look at a file full of IPs and just "do those". Such that the condition is satisfied if any IPs in the file match.

But that's interesting that order makes a difference. Are you saying Apache runs more efficiently if the statements are ordered by IP, or just that it's easier to look something up if the statements are in that order? That is if I've got a hundred such statements, it would make it easier to locate a particular one if they were in order.

lucy24

8:51 pm on Mar 15, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> Manually assembling such RewriteCond statements from such a list of IPs by editing in backslashes is a big job. If you have a few dozen IPs, it'll take hours!

Er, do you not have a text editor that does Regular Expressions? Globally replace

^RewriteCond %{REMOTE_ADDR} (\d+)\.
>>
RewriteCond %{REMOTE_ADDR} ^$1\\.

followed by
^RewriteCond %{REMOTE_ADDR} (\^(\d+\\.)*\d+)\.
>>
RewriteCond %{REMOTE_ADDR} $1\\.
and repeat until it rinses clean. If you don't already have the RewriteCond part in place, that's a single block-edit.

Same rule would work for
SetEnvIf Remote_Addr et cetera.

I make it five minutes, including the time spent working up the rule and typing this post. Subsequent changes should be no more than one minute, since all you have to do is copy-and-paste. Still less if your text editor has a Save This Rule option.

Edit: OK, plus one minute to edit in the backslashes I forgot. I think someone in the php subforum once had a rule where they had to use six backslashes to make it work.

Dan99

9:03 pm on Mar 15, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



Thanks. Well, editing in the backslashes is what takes time (plus the copy/paste). OK, a minute or two each in a few dozen lines. That makes one-ish hour. But I think the point is that, no, RewriteCond won't do for me what I was hoping it would do. I just thought I'd check.

Denying an IP is easier than Rewriting it but even in that case one can't just point to a file of IPs.

whitespace

10:19 pm on Mar 15, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



> editing in the backslashes is what takes time


tl;dr ...


RewriteCond %{REMOTE_ADDR} =17.19.7.14 [OR]
:

lucy24

12:08 am on Mar 16, 2016 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> a minute or two each in a few dozen lines. That makes one-ish hour.

I don't understand. Are you making separate htaccess files for thirty different sites?

> Denying an IP is easier than Rewriting it but even in that case one can't just point to a file of IPs.

No, but you can use a CIDR range, which is much more efficient (in bytes, which add up) than a RegEx. Moreover, mod_authwhatsit doesn't require escaping of anything, and you can combine multiple IPs into a single line.

You certainly don't need mod_rewrite if all you're doing is unconditionally denying certain IPs-- or unconditionally denying anything, for that matter.
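
The access-control form mentioned in the post above, shown here as an added example that is not part of the original thread. It reuses the thread's anonymized addresses; the CIDR block 192.0.2.0/24 is a constructed documentation range.

```apache
# Apache 2.4: mod_authz_core / mod_authz_host.
# Several literal addresses per line, no regex escaping; a CIDR block
# (constructed example: 192.0.2.0/24) goes in the same list.
<RequireAll>
    Require all granted
    Require not ip 17.19.7.14 73.13.36.142 174.25.26.68
    Require not ip 192.156.27.50 74.61.24.174 192.0.2.0/24
</RequireAll>

# Apache 2.2 equivalent (also accepted by 2.4 through mod_access_compat).
# Use one style or the other, not both in the same scope.
# Order Allow,Deny
# Allow from all
# Deny from 17.19.7.14 73.13.36.142 174.25.26.68
# Deny from 192.156.27.50 74.61.24.174 192.0.2.0/24
```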

Dan99

12:50 am on Mar 16, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



Wait, you mean you can do it like this? As in, no backslashes to edit?
RewriteCond %{REMOTE_ADDR} =17.19.7.14 
That would be pretty cool.

whitespace

11:22 pm on Mar 16, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



> Wait, you mean you can do it like this? As in, no backslashes to edit?


Yes. The "=" operator/prefix performs a lexicographical equality comparison. The CondPattern is now a string, not a regex, so no need to escape the dots or use anchors.

> But that's interesting that order makes a difference.


Having them in order is simply for your organisational benefit. There is no performance benefit here because they are all string comparisons and mod_rewrite will sequentially go through the RewriteCond directives top to bottom regardless of the order.

> Denying an IP is easier than Rewriting it but even in that case one can't just point to a file of IPs.


Well, you can use a RewriteMap if you have access to the server config.

And if you are Denying IPs you can always do something specific in your custom 403 if needed.
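
The RewriteMap approach mentioned in the post above, sketched as an added example that is not part of the original thread. The map name `ipdest`, the file path, and the `group-a`/`group-b` destinations are assumptions for illustration; the addresses are the thread's anonymized ones.

```apache
# --- Map file (path is an assumption): /etc/apache2/ip-destinations.txt ---
# One "key value" pair per line; plain dotted IPs, no escaping, easy to grep.
#
#   17.19.7.14      group-a
#   73.13.36.142    group-a
#   174.25.26.68    group-b
#   192.156.27.50   group-b
#   74.61.24.174    group-b

# --- Server or <VirtualHost> config: RewriteMap cannot be declared in .htaccess ---
RewriteEngine On
RewriteMap ipdest "txt:/etc/apache2/ip-destinations.txt"

# --- Same vhost, or an .htaccess file under it (which then needs its own
#     RewriteEngine On) ---
# Look up the client address. An unlisted address yields an empty string,
# so ^(.+)$ fails and the rule is skipped.
RewriteCond ${ipdest:%{REMOTE_ADDR}} ^(.+)$
# %1 is the map value captured by the RewriteCond above.
RewriteRule ^/?$ /%1/ [R=302,L]

# Notes:
# - httpd caches lookups and re-reads the file when its mtime changes, so
#   adding an address does not need a config edit.
# - Map values end up in the redirect target: keep the file writable by
#   administrators only.
# - Behind a reverse proxy or load balancer REMOTE_ADDR is the proxy's
#   address unless mod_remoteip is configured.
```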

Dan99

11:51 pm on Mar 16, 2016 (gmt 0)

10+ Year Member Top Contributors Of The Month



Using an equal sign sure makes life easier. Thanks! That lets me not only compose such statements quickly, but allows me to search for IPs in the file easily. As in if 22.333.444.555 tells me that he/she can't get in, I have to FIND that IP in my file. If it's all bolluxed up with slashes that's hard to do.

I'm curious why Rewrite explanations never tell you that.

Good to know that the ordering is a matter of organizational benefit and not functional benefit.

Many thanks to everyone.