Deny from host where:
host is all, to deny access from all client hosts
host is all or the last part of a DNS host name
host is a full or partial IP address
Does not need to be enclosed in a <Limit> <LimitExcept> range but usually is.