Returning a DNS error or the address 127.0.0.1 allows the workstation not to access the target server, but this slows down Internet browsing because browsers will either try several times to make the same request or try to connect to a non-existent service.
In order to ensure a better fluidity, the best solution is to transfer requests on a Web site planned for this purpose.
Improvements on the error page service have been made since the version 4.40 Service pack 116.
To provide correcly the web error page, you need to use a web server that run on both http/https port (80/443).
In our case, we using the DNS Firewall box to host the web page and to avoid port conflicts with the DoH service, we have a created a second MacVlan network Interface in order to force the Web page service to listen this Interface.
Filtering Service
> Error page
,When surfing to a denied website, you will see an Error page.