"Currently, we run a bot test and we detected a volume of traffic that seems to be non-human traffic on your website: XXX
To be more specific, approximately 78% of your current traffic has more than 50 score/100 (threat score based on our machine learning and our behavior analysis system)
May I know how is everything from your end? Please let me know if you want to have an account review section with me, I will be very happy to assist you."
It's your production domain for a PAID Cloudflare plan. What do you? I guess you immediately declare an emergency in the company, reply to the person and submit a support request and try to solve it. Everyone checking all the possible monitor dashboards, checking with other providers...
Then the support tells you - "We do not have access to the report.. Please Contact the Customer Development team". The CDT does not respond...
Isn't that fishy strategy? Isn't that spreading a fear?
If you were Cloudflare and detected a sudden increase in traffic classified as malicious/non-human to a site you look after, would you notify your customer? If so, how, and would you try and offer a way of remediating?
@levelsio shares another screenshot here: https://twitter.com/levelsio/status/1225155622607323139/phot.... "From my experience, if your business is not in following category: ecommerce, website with booking engine, online news, fintech, this bot traffic will not likely to affect your business" does not come across to me as an attempt to upsell.
Again, as for CDT not responding and support not having access the the report... this is clearly sloppy and should be addressed by Cloudflare, as it's not a good customer experience. But if it was a proper attempt by Cloudflare to spread fear to upsell services, wouldn't you expect it to be a little more... organised?
