Please help with implementing below security features ASAP. There are so many frequent attacks on the website that causes the websites to go down.

1. Geographical Rate Limiting - Add rules with rate limiting for traffic outside of specific countries (Challenge beyond the primary range/limit and block beyond the secondary range/limit)
2. Basic Rate Limiting - Can we add a rule with rate limiting to block DoS attacks
3. Bot Protection - Challenge suspected bots to confirm user authenticity
4. Bot detection with javascript to identify headless browsers
5. Captcha functionality - when users initially come into the site or users are starting an order or users are entering credit card information
6. WAF compromised credentials check
7. Any other WAF rules to protect the website from anonymous usage and attacks

There are multiple problems if there are no proper security rules in place.

• Problem-1: Websites are going down – Loss of business and sales
• Problem-2: There are many unnoticed attacks, as we know the attacks only after the websites go down
• Problem-3: There is a possibility of data mining from our websites if there is no security rules