WordPress SuperSonic with CloudFlare will solve your problem.
How it works
By default CloudFlare do not cache HTML content. It can be changed by Page Rules. WordPress SuperSonic purges CloudFlare cache when site content is changed. When you publish new post, edit or delete, when new comment is submited SuperSonic will purge exactly changed pages previously cached in CloudFlare.
Specify what should be cleared on posts events.
Supersonic protects WordPress sensitive functions such as Login Page, Comments posting or XML-RPC by blocking access for selected countries (or allowing selected countries). It can be made at zero cost. Because CloudFlare send to site information about visitor country. Supersonic has also Brute Force attacks protection.
Supersonic adds commenter country information to comments. Now you will know from which country are your commenters. Also you can ban, whitelist or nul IP addresses in CloudFlare from comments view.
You can download Supersonic plugin from wordpress.org repository. Click here.