I set up mod_Cloudflare and enabled the DenyAllButCloudflare option so that only Cloudflare IP addresses were allowed to access the web server - but that stops the Cloudflare health monitor from working - it was expecting a HTTP code 200 and was getting a 403. So I told it to expect a 403 and it works again. This seems crazy as the monitor is clearly coming from the Cloudflare network. Is there a better way to do this?