Hi! Thank you for interest and suggestion. We will be grateful if you could clarify for our developers what exactly you suggest to improve.

The first access on the server is limited by a buffer page (preferably html), after which it is redirected to the request url!
Examples are cloudflare and blazingfast.io hosted websites

Why do it on each visitor? Why not just the bad actors?

For every visitor!

Protect the server from the bad!

I guess you could implement an Under Attack mode, but our customers would be up in arms if every visitor had to do a Captcha to reach their website.

Cloudlinux or blazingfast does not use Captcha to reach the site, just a html page with redirection to about 5 seconds that uses cookies. Once past this page, those cookies are installed and the page is no longer displayed until it expires.
At cloudflare and blazinfast it works successfully!
It is an extra protection for the servers!
Ill make a video with some explanations

Cloudflare * sorry

I actually agree, this could be usefully. Basically hes asking for what Ryan already stated, an "Im Under Attack" mode like CloudFlare does. Although, im not sure I would do it on every visitor. Maybe let the admin decide if its done on a per server or even per account basis. I could see it would help stop the bots and possibly DDoS attacks, but I would do it based on IP reputation. Im not sure CL has built a IP reputation AI yet, but they should. We used ThreatStop, and recommend CL build a IP reputation system as well if they dont already. They can even look at an IP based on location, what the IP has done in the past, details about the headers it sends, how long it spends on a site, what URLs it goes to, cookies, (browser fingerprinting via JS such as plugins, fonts, screen size, and resolution, etc.. something like http://www.shieldsquare.com).