keyplyr,

Assuming that your ErrorDocument directive was for 403-Forbidden errors rather than 405-Method Not Allowed errors, and should have read:

ErrorDocument [b]403[/b] /forbidden.html

the purpose of this ruleset,

RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %(HTTP_USER_AGENT) Larbin [NC,OR]
RewriteCond %{REMOTE_ADDR} ^64\.156\.198\.(6[89]¦7[4-8]¦80)$
RewriteRule !^forbidden\.html$ - [F]

is to block Indy Library, Larbin, and an IP address range, but still allow those blocked requestors to be served your custom error page. Without the Rule construct to exclude /forbidden.html, it's possible that their requests will put your server into a loop: A blocked request is redirected to /forbidden.html, and the server tries to serve that instead, but since the user-agent or IP address is still blocked, it again redirects to the custom error page... it gets stuck in this loop.

Alternatively, you will get the standard server 403 error message:

Forbidden
You don't have permission to access <name of requested page> on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

I believe you'll get the loop behaviour on name-based virtual servers (shared-IP address), and the standard server error message on dedicated or shared servers with unique IP addresses per account.

In order to reduce bloat, you could make the custom error page's name shorter (I use "403.html"), or restructure the code so that more of the RewriteConds used to block requests share the same RewriteRule.

Jim

it's possible that their requests will put your server into a loop

I had a terrible nightmare about that recently.