Well that's a no go...that WAF config option is at the enterprise plan level.  Ugh. They have some tor cloudfare onion vs exit nodes  related switch at my plan that's suppose to help bit already on.  The enterprise WAF rule is suppose to allow lowering the captcha trigger level.