Had a request from a customer wanting to add fraud protections such as:
1. Rate limiting
2. Bot detection
3. Bot detection with javascript to identify headless browsers
4. Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information
5. WAF compromised credentials check