My Website was attacked by BOTs so I put it on 'I am attack mode" with challenge rules set up in Firewall for almost 36 hours. There were more than 0.7million requests to the server before I put it on attack mode.
When I removed this immediately I saw one active user in real-time Google analytics dashboard. The Page URL being accessed had some suspicious code shown with it. the original URL ended before first ‘?’ on the second line. Can you please let me know what that code was? The Screenshot is attached here.
Is it still under attack. Google has put me on limit due to the invalid traffic. I just upgraded my Cloudflare plan to pro and implemented almost all the features available in the plan. I am not sure what to do any more.