Mentioned this in another reply; in my case I am running Bunny Shield, but my Bunny origins are then my own ingress boxes / LBs which themselves are running ModSecurity with OWASP CRS; and CrowdSec.