That’s good, feel free to merge the requests with 0% CSR into one.
In the meantime change the HTTP 1.1 rule to:
- Request method GET
- Threat score greater or equal than 5
- URI is eq /
Note that if they find out, they might change the request URI or Method, but until then, this should reduce the CSR greatly.