Bot war escalations are getting ridiculous. Our web host introduced a Cloudflare anti-bot layer that we can't manage/audit. Suddenly we can't post, authenticated, to our own site's REST API endpoints without getting a JS challenge. Support rep didn't have any knowledge of the Cloudflare layer, told us to deactivate all our plugins. Now it's with a senior engineer. 😭