How can i solve with CF rate limiting the Facebook scrapper attacks?

I am sorry to hear this.
Unfortunately it’s a know issue that they’re very aggressive.

Create a Rate Limiting rule which checks URI Path wildcard, for 10 requests per 10 seconds with action block for 10 seconds (at least) - if you’re on a Free plan at least.

If you’re on a paid plan, check what’s available to you:

May I ask you to share the screenshot of this rule? :thinking:

Some are mentioned here (might cost - if you go with Cloudflare Workers):

Therefrom, you could also spare some CPU load on your origin hosts/server if you’d catch and redirect Facebook’s click links (not cached, but could “cache bust” your server and overwhelm it with requests where each of them need to generate the same webpage HTML document) to your cached page: