I have paid for the Pro account. I have paid only to be able to block several countries from accessing my website.
The fact is that when I paid it, I found the surprise that now I need to have an Enterprise account.
It is a lack of respect on the part of Cloudflare, since in the “Custom Pages” section it says perfectly that obtaining a Pro account could block countries.
That option was unlocked when I paid my Pro account, but that option is 100% unusable. The option is to add an html page to show the error to the blocked countries, but to block the countries it asks me to have an enterprise account.
Honestly … I feel 100% cheated, I know it’s only $ 20, but I’m a person with little money.
Yes, blocking by country is an enterprise-only feature. The “custom pages” page shows “IP/Country” to clarify when it will appear, even if the “country” part of that isn’t available to all plans. I can’t defend CF on this, they very well could change the text depending on if you’re an enterprise customer.
Sorry to hear that you don’t like Pro because of this. Refunds are provided on a case-by-case basis depending on how long ago you purchased Pro, so email [email protected]Cloudflare.com and describe the situation to them.
The page and the feature are two different features though. The page is the same for both things, but it requires the feature to work on your plan which as stated everywhere needs Enterprise.
My suggestion would be to take a look at Workers, in there you can do basically the same thing with a few lines of Javascript with most likely less than 20$/month.
Thanks to the new Firewall Rules, you can set the firewall to Block if the domain contains (your domain) AND the country equals xx. You can string countries together within parentheses and a bunch of OR statements.
@sdayman is spot on and is what I’ve done where I just want to block nefarious countries at the edge with a ‘hard block’ and don’t care that it’s a generic block page because it’s literally just to protect my sites.
You can also enable Cloudflare’s geolocation header, CF-IPCountry, which will then be added on to any requests made to your site. If you have a need for a ‘prettier’ block page and don’t mind the fact that you’re going to be serving it yourself then you can block on your webserver based on the contents of that (e.g. using .htaccess, or logic in your backend site landing page etc.).
So even on the free tier you get a somewhat ugly ‘hard block’ or the ability to implement a branded ‘soft block’ easily enough.
OK! I’ve got some clarity on this now. TL;DR is that “\d” actually == “\d”. As these are already in quotes, there’s no escape chars being added. It’s pretty messy, however it is a direct API implementation, hence the complexity. Let me know whether that makes sense or not.
Where would I specify that? I was referring to entering \d in the expression builder. That will automatically escape the backslash and turn the digit shorthand into its literal pattern for a backslash and a lowercase D.
(example here: 
