here's some more:

RewriteCond %{REMOTE_ADDR} ^207\.228\.(22[45])\. [OR]
RewriteCond %{REMOTE_ADDR} ^209\.160\.([0-9]|[1-7][0-9])\. [OR]
RewriteCond %{REMOTE_ADDR} ^209\.103\.1(6[0-9]|[78][0-9]|9[01])\. [OR]
RewriteCond %{REMOTE_ADDR} ^209\.40\.(9[6-9]|1[01][0-9]|12[0-7])\. [OR]
RewriteCond %{REMOTE_ADDR} ^209\.61\.(19[2-9]|2[0-5][0-9])\. [OR]
RewriteCond %{REMOTE_ADDR} ^66\.148\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7])\. [OR]
RewriteCond %{REMOTE_ADDR} ^66\.235\.1(6[0-9]|[78][0-9]|9[01])\. [OR]
RewriteCond %{REMOTE_ADDR} ^66\.36\.(22[4-9]|2[3-5][0-9])\.

Any chance of blocking regular users, even surfing from biz account?

Possibly keyplr.

I added the mass denials back in 2006 after numerous and repeated intrusions from multiple IP's.
Their "services" page provided me with a less-than-reasonable explanation for "regular users" )at least in 2006.

One range was common for random UA's.

They list one of their services as broadband, but don't specify a range (naturally.) Guess I'll find out. Thanks.

Keyplr,

I have legit users (registered in our forums for a long time with high post counts) from many ips in those ranges. :(

Thanks motorhaven

Reading my last post I realize I should have been clearer. I have users coming through many IPs in two /24 ranges:

66.36.7.
66.36.208.

I can't vouch if any ranges other than those are legit users or not, but those two ranges definitely are.

I can't vouch if any ranges other than those are legit users or not,

What's a few slaughtered lambs amongst friends ;)

I have all (known-to me) hopone ranges blocked...

66.36.224.0 - 66.36.255.255
66.148.0.0 - 66.148.127.255
66.235.160.0 - 66.235.191.255
74.84.128.0 - 74.84.159.255
209.40.96.0 - 209.40.127.255
209.61.192.0 - 209.61.255.255
209.103.160.0 - 209.103.191.255
209.160.0.0 - 209.160.79.255

Of the ranges listed by wilderness, I do not have the one below - which means it hasn't (yet) misbehaved. On checking now, it does not look (to me!) like servers. Can anyone refute that?

207.228.224.0 - 207.228.255.255