[rezonant]

Or they'll (the site operators using Cloudflare proxy) make ill considered firewall rules like "If not Chrome, require security check".

[sammy2255]

What's your point? You can configure this in Nginx too

[rezonant]

Nginx has a built in recaptcha page based on rules? News to me.

Even if it does, the point of Cloudflare's WAF is to avoid the traffic touching the origin if the security check doesn't succeed, so any nginx solution isn't really providing the same value.