no ends-with ($) and this range should work.
You should also omit the ends-with on your exception page.

RewriteCond %{REMOTE_ADDR} ^123\.456\.(9[6-9]|10[0-9]|11[01])\.

Many thanks for the prompt reply

Just to clarify (I'm not fluent in this stuff)

I knock off the ampersand at the end of the line when I am entering a CIDR IP range?
But leave it on when it is just a single IP address?

(I should add that this board is reproducing my ampersand as a dollar sign - I'm in the UK)

And the "exception page" comment - I didn't really understand that one sorry.

Ampersand? What ampersand?

Ampersand is definitely wrong.

Remove the $ sign.

I knock off the ampersand at the end of the line when I am entering a CIDR IP range?
But leave it on when it is just a single IP address?

Neither!
It should NOT be used at all (at least in this instance).

(I should add that this board is reproducing my ampersand as a dollar sign - I'm in the UK)

Kind doubt that, however it's entirely possible.
If so, than you need turn off html in your submissions.
Here's a link and explanation of ampersand [en.wikipedia.org]

And the "exception page" comment - I didn't really understand that one sorry.

Your exception is the following line (with your initial ends-with character omitted):

RewriteCond %{REQUEST_URI} !^/landingpage\.html

The leading asterisk excludes this page from preceeding condition.

FWIW, if there's some difference between a UK & US (note use and board interpretation of ampersand) keyboards, and/or the software your using to create and/or edit your htaccess file?
Than your first priority (above your initial inquiry) is locate a software which is a simple text editor and and does not misinterpret characters that Apache requires to be clearly defined and/or used.

"Begins with", "ends with" and "contains [webmasterworld.com], previously explained.

Leading asterisk?

It's an exclamation mark that "negates" the operator.

I am now totally confused.

The entry I quoted above is as notified to me here on earlier posts.

I've now disabled [codes] for this message.
my (shift- 7) key - the ampersand/"and" symbol shows as &
my dollar key (shift 4) is $
my hash key (which has a tilde as the shift version), shows #

Here is my original .htaccess entry again (I've deliberately broken the html link). I'd be grateful for a clear explanation of what should or shouldn't be in it. The initial pairs of asterisks are simply obfuscation of the actual IP address.

At the moment entries coded like this DO WORK if the IP address is a single address (and I test it on my own address). But when it is a CIDR range, it doesn't seem to block the relevant people.

#. redirection of visitorsitename IP addresses
RewriteCond %{REMOTE_ADDR} ^**\.**\.**\.0/20&
RewriteCond %{REQUEST_URI} !^/landingpage\.html&
RewriteRule .* http:/ /www.mysite/landingpage.html [L]

The entry I quoted above is as notified to me here on earlier posts.

You've a mere 57-posts here at Webmaster World, thus it wasn't to difficult to go through the threads you participated in.

In 2007 you submitted some lines to which Jim replied with the following "disclaimer":

There are some inconsistencies here that I can't resolve from the posted info, but perhaps this will get you closer

That former thread [webmasterworld.com]

Perhaps the use of both "begins with" (^) and "ends with" ($) was specific to that particular instance!

In any event the ampersand is NOT a valid anchor designation in regex statements

The forum library provides the following on Mod_Rewrite and Regular Expressions [webmasterworld.com]

Although it certainly may be acceptable to use CIDR ranges in mod_rewrite, I've never strayed in that direction.

It does appear to me that CIDR ranges are utilized in mod_access, rather than mod_rewrite.

Simply removed the ending character from both of your RewriteCond-lines and see if that works.

If the CIDR fails?

Use the following lines; modifying the leading 123\.456\. to their correct numbers.

#. rewrite of visitorsitename IP addresses
RewriteCond %{REMOTE_ADDR} ^123\.456\.(9[6-9]|10[0-9]|11[01])\.
RewriteCond %{REQUEST_URI} !^/landingpage\.html
RewriteRule .* [mysitename...] [L]

mod_rewrite RewriteConds do simple text-string/character compares. Therefore, CIDR notation cannot be used, and Network/Netmask notation cannot be used. These are supported in mod_access, but not in mod_rewrite. For use in mod_rewrite, you must specify a regular-expressions pattern to match the "text representation" of the numbers you wish to match.

The pattern "^123\.456\.(9[6-9]|10[0-9]|11[01])\." posted by Wilderness means, "match a string that starts with "123.456." followed by either ("9" followed by any digit "6" through "9") or by (digits "10" followed by a digit "0" through "9") or by (digits "11" followed by a digits "0" or "1"), followed by a period, followed by anything at all (or nothing)."

Therefore the pattern matches "123.456." as the first two octets, and "96" through "111" as the third octet of the IP address, and does not care about the fourth octet at all. Since it will range from "0" through "255", this is of no concern, and it would be a waste of both effort and of CPU time to match it explicitly.

You can also use a negative match in the RewriteRule itself, eliminating the need for the second RewriteCond:

# Externally redirect *all* URL requests from 123.456.96.00 through 123.456.111.255 to /landingpage.html
RewriteCond %{REMOTE_ADDR} ^123\.456\.(9[6-9]|10[0-9]|11[01])\.
RewriteRule !^landingpage\.html$ http://www.example.com/landingpage\.html [R=302,L]

However, do be aware that this will rewrite *all* requests not matching "landingpage.html" to landingpage.html, and so will prevent any access whatsoever to any other resource on your site. As such, landingpage.html cannot include any images, css, or external javascript files, and none of your custom error pages (if any) will work. The response to *any* request sent to your server will be a 200-OK and the contents of landingpage.html, regardless of whether the initially-requested URL would have resolved to an existing resource or not. So, this code essentially prevents your server from ever returning a 404-Not Found or any other response except for a 200-OK and the contents of landingpage.html. This may have detrimental effects on the ranking of this site in search.

Therefore, some review of your actual requirements and the addition of further exclusions to this rule should be considered.

Jim

Thanks to all - those replies have really helped and given me enough to go away and get this sorted. Many thanks!

Further thanks - .htaccess now springcleaned, various bot traps sharpened up, and I found this very handy tool on google which did the regex spadework for me when working with IP ranges for the REWRITE statements.

[google.com...]

found this very handy tool

Although some may find the tool useful?
It's not a clean writer.

For this 123.456 (had to change example for generation).96-111, example?

The generator unnecessarily writes the fourth octet, and ends with chracter.

Neither does it use the 2[0-5][0-9] (200-255 or the non-existent 256-259, which this generator would not create anyway due to the 255 restriction of its design)), which most have been using for many years at Jim's suggestion.

The following range is one character bloated:
1(0[0-9], although it would work.

Guess I just been doing this too long expect the clean and condensed regex of IP's to extremely condensed.