Comment by net-yaroze

> Although, it's quite difficult to find a better DDoS mitigator which is better than CF, I still wouldn't trust them for everything.

Adding Challenges, TLS fingerprinting and Rate Limiting is possible on just about every major CDN platform to be honest. I guess with CF it's more "ootb" though, where you don't really have to think too much about policies - but at the same time, you can't go as granular in those policies (e.g layered) as some others.