feat(cloudflare): Add bot protection and configuration checks for zones

[HugoPBrito]

Context

This PR adds security checks for Cloudflare zones focusing on bot protection and security configuration. This is part 3 of 4 PRs for complete Cloudflare support.

Depends on: #9424

Description

Adds 9 security checks for Cloudflare zones:

Bot Protection (3):

Check	Description
zones_bot_fight_mode_enabled	Validates Bot Fight Mode is enabled
zones_waf_enabled	Ensures WAF is enabled for the zone
zones_rate_limiting_enabled	Validates rate limiting is configured

Security Configuration (3):

Check	Description
zones_challenge_passage_configured	Validates challenge passage settings
zones_development_mode_disabled	Ensures development mode is disabled in production
zones_always_online_disabled	Validates Always Online is properly configured

Content Protection (3):

Check	Description
zones_hotlink_protection_enabled	Ensures hotlink protection is enabled
zones_server_side_excludes_enabled	Validates server-side excludes are configured
zones_ip_geolocation_enabled	Validates IP geolocation is enabled

Steps to review

1. Review each check implementation in prowler/providers/cloudflare/services/zones/
2. Verify metadata files have correct severity and remediation guidance
3. Test locally:

   prowler cloudflare --api-token <token> --check zones_bot_fight_mode_enabled
   

Checklist

• Are there new checks included in this PR? Yes (9 checks)
  • If so, do we need to update permissions for the provider? No
• [x] Review if the code is being covered by tests.
• [x] Review if code is being documented following this specification https://github.com/google/styleguide/blob/gh-pages/pyguide.md#38-comments-and-docstrings
• [ ] Review if backport is needed.
• [ ] Review if is needed to change the Readme.md
• [ ] Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.