This could be really interesting, we are currently using some custom bot detection techniques that also try to slow down / crash chrome headless and such, but it would be nice if we could just use this new Cloudflare service and stop worrying about maintaining it.
I have a few questions, though:
1. How does this work with mobile apps / single page applications APIs? I'm worried this would block legitimate users
2. Is it possible to enable/disable this feature on URLs patterns using page rules? I'm not seeing the option right now
3. Do blocked requests end up in the firewall logs? If so, how do we filter for it? Specific rule id?
4. Is there a way to enable it in log mode in order to evaluate the impact it would have?
Hopefully this doesn't get flagged to death by bots on here, as is often the case for a story with climate in the title (particularly if it hits the front page). That would be far too ironic.
I have a few questions, though:
1. How does this work with mobile apps / single page applications APIs? I'm worried this would block legitimate users
2. Is it possible to enable/disable this feature on URLs patterns using page rules? I'm not seeing the option right now
3. Do blocked requests end up in the firewall logs? If so, how do we filter for it? Specific rule id?
4. Is there a way to enable it in log mode in order to evaluate the impact it would have?