If in doubt if its bots or an attack, get it confirmed via BlackOps ticket before reaching out to SRE
Use below template in the SRE team channel to trigger the request. Also, read the Cloudflare docs and inform the affected customer as well.
Template
Due to an ongoing bot attack on a project we'd like to enable Cloudflare Managed Challenge on this project.
The custom hostnames that are currently under attack are:
Challenges ยท Cloudflare Web Application Firewall (WAF) docs
When a website is protected by Cloudflare, there are several occasions when it will challenge visitor traffic:
https://developers.cloudflare.com/waf/reference/cloudflare-challenges/#managed-challenge-recommended
Please understand and inform customers about the impact of the Cloudflare Managed Challenge. - End users might be asked to fill in a recaptcha or it might be automatic. The managed challenge triggers once for every new user.
Note
Please make sure that they also know if they have any services hitting their project e.g. API calls and such they will be affected.