I know that custom CF blocked pages are available on the Enterprise level, but I’d like to just make one minor suggestion/request for everyone on the Pro or Free levels (I have both).
Most of the ‘bad’ traffic I get to my website are SQL or other injection attacks (that aren’t already blocked from CF) from known domestic and international data-centers. When one slips through and I see it’s a datacenter, I block the entire ASN, since the chances of real human traffic from these datacenters is null.
But many of these same datacenters also host VPNs (good ones and bad ones), and the most common problem I have now is when a real user is blocked, they have to contact me and I have to ask them to disable their VPN to access my site(s). This post is NOT to get into the pros and cons of this practice.
My request is simple: On the generic CF block page, please add:
“If you are using a VPN to access this site, please try turning it off temporarily and try again”.
That’s it. That would save me and my users A LOT of time going back and forth just to ask them one-by-one to disable their VPN temporarily to access my sites.