Had a question to see if CloudFlare has a detection mode to where I can see requests and potential attacks hitting the site without a particular service being in a protection mode, similar to Azure’s WAF ability. For example, I am a little hesitant by enabling the web application firewall since it has the potential to be disruptive to our web services. Is there a way to have this in a detection mode so it won’t block the attacks, but will alert / notify me so I can see if there is a specific feature within the WAF settings to enable… such as cross site scripting blocks.
I would also like to know if this also applies to DDOS based attacks. I see these are enabled by default when you orange cloud your URL, but can these be put into detection mode as well?
Any assistance is much appreciated!