id be cautious about the workers.dev since it cant have WAF on itself so if a worker on it was exposed that made a request to another zone bypassing rules then it would create a doorway through which someone could send unblocked requests to the zone