Yup that will fix it. You could check the WAF logs and it'd show previously Tor users were getting challenged. As it's a websocket connection this would've been a "silent" challenge as they never would have been able to see the challenge and it'd amount to be blocked entirely lol. Cloudflare really should have some better documentation around this.