Anyone using Cloudflare's L7 DDOS mitigation ruleset?
I seemingly can't get it to work, so here goes:
What are the settings that you have in Security > Settings > Security Level, and under Security > DDOS > HTTP DDOS Attack Protection - Configure?
There's a test rule named "Test rule: will quickly block URI containing blockme=(...)", can you make a request and see if this works on your site?
(Wrong category, but can't edit it any more.)