I just had my site attacked by a DOS approach where they slowly sent me a bunch of 400GB POSTs to a random non-404 URL on my server. I think they were sent simultaneously and slowly in an attempt to run me out of disk space. It did not work, but got me thinking about a page rule to basically disallow certain methods. The obvious filter would be like:
example.com/static/* disallow POST,PUT,DELE
I think this would be low cost for CloudFlare to implement - would save storage and bandwidth everywhere, make the POST big files DOS much less fun.
Yes, I can do this with .htaccess files littered throughout my application - but it seems like a nice idea for a page rule.