In particular I’m concerned about ddos mitigation and other abuse that Cloudflare blocks automatically. So I’m looking for tips on how to configure it properly to ensure I don’t lose out on any of fly’s features.
I don’t think there’s anything special apart from the TLS settings between CF and Fly. This thread might help: Can I use CloudFlare proxying with Fly certificates ?
We do offer DDoS protection, but we don’t have features such as a WAF (Web Application Firewall). Technically you could add a WAF layer inside your image to get that extra abuse protection. We haven’t build that into our product yet because we’re on the fence about it we could be convinced otherwise.