Помощь в фильтрации ботов через CloudFlare

(ip.src in {::/0}) or (not ssl) or (not http.request.version in {"HTTP/2" "HTTP/3" "SPDY/3.1"}) or (http.referer eq "") or (http.referer eq "-") or (ip.geoip.country in {"AF" "AX" "AL" "DZ" "AD" "AO" "AI" "AG" "AW" "BH" "BD" "BB" "BZ" "BJ" "BT" "BO" "BQ" "BW" "BN" "BF" "BI" "KH" "CM" "CV" "CF" "TD" "CL" "CN" "CX" "CC" "CO" "KM" "CG" "CD" "CK" "CR" "CI" "CW" "DJ" "SV" "GQ" "ER" "ET" "FK" "FO" "GA" "GM" "GH" "GI" "GD" "GP" "GT" "GG" "GN" "GW" "GY" "HT" "HN" "IN" "ID" "IR" "IQ" "JM" "JE" "JO" "KE" "KI" "KW" "LA" "LB" "LS" "LR" "LY" "MK" "MW" "ML" "MT" "MQ" "MR" "MU" "YT" "MS" "MZ" "MM" "NA" "NR" "NP" "NC" "NI" "NE" "NG" "NU" "OM" "PK" "PW" "PS" "PA" "PG" "PY" "PN" "QA" "RE" "RW" "BL" "SH" "KN" "LC" "PM" "VC" "WS" "SM" "ST" "SA" "SN" "SL" "SB" "SO" "ZA" "SS" "SD" "SR" "SJ" "SY" "TW" "TZ" "TL" "TG" "TK" "TO" "TT" "TN" "TV" "UG" "UY" "EH" "YE" "ZM" "ZW" "T1"}) or (ip.geoip.asnum eq 49505) or (ip.geoip.asnum eq 35048) or (ip.geoip.asnum eq 206766) or (ip.geoip.asnum eq 207713) or (ip.geoip.asnum eq 52207) or (ip.geoip.asnum eq 16509) or (ip.geoip.asnum eq 23033) or (ip.geoip.asnum eq 48061) or (ip.geoip.asnum eq 14061) or (ip.geoip.asnum eq 200197) or (ip.geoip.asnum eq 14618)

в первом правиле допускаем всех полезных ботов и добавляем сети яндекса принудительно. Вторым пилим всех, кто лезет с ipv6, без ssl, с пустым referrer, ряда стран и ряда сетей. 

В моем случае побороло ботность, спам и ddos.