Always-on detections: eliminating the WAF “log versus block” trade-off https://blog.cloudflare.com/attack-signature-detection/