[Usu]

This could be really interesting, we are currently using some custom bot detection techniques that also try to slow down / crash chrome headless and such, but it would be nice if we could just use this new Cloudflare service and stop worrying about maintaining it.

I have a few questions, though:

1. How does this work with mobile apps / single page applications APIs? I'm worried this would block legitimate users

2. Is it possible to enable/disable this feature on URLs patterns using page rules? I'm not seeing the option right now

3. Do blocked requests end up in the firewall logs? If so, how do we filter for it? Specific rule id?

4. Is there a way to enable it in log mode in order to evaluate the impact it would have?