Cloudflare WAF Custom block page with form

I created an external page (php page on custom domain name) with a form to submit as a WAF Custom BLOCK Error.

The page displays correctly, but submitting the form does not work.
The goal is to collect info from a user that considers to have the right to have access but has no access.

I thought that forms are able to do, or what restriction do I miss here?

Hi there,

Custom WAF Block pages are supposed to be static content, also, when you set a URL, as you did, Cloudflare does not redirect you to that URL, it serves a static HTML of what it sees.

Basically after you 1st set the page URL, Cloudflare will store your custom page on our servers, and you can even delete its source from the URL you placed in the custom web page.

As an alternative to this custom block page, my suggestion is that instead of creating that rule in WAF presenting the custom 403 block if the request comes from outside those 3 countries, you create a redirect rule (Rules > Redirect Rules) and redirect customers to that form. It will be as effective as the current WAF rule with the exception that the address will change on the browser but the form will work.

Take care.

So as you copy the page, would a 100% client side page, with form and JS submitting through an API work well then?

Hi there,

It won’t. When you add the URL to the custom block page, Cloudflare will basically copy it as it is at the moment, so any non-static content will become static at the custom page.

Take care.

thank you for that info!

Can I still catch the RAY ID and pass that through a query string?

Hi there

Is it allowed to have a link in the static HTML that links to the page I’m actually redirecting to?
Like this I can pass also with a query string the RAY ID for example.