While shipping products at pace, you may want to implement with minimum configuration but at the same time not compromising security. Therefore, I would showcase two of my favourite ways to plug and play into any project with a near minimum configuration within a limited time at no extra cost.

Scenario
Limit API usage to your application only, preferable with API-key
Jugaad Solution
Use Cloudflare Firewall and Firebase Remote Config(optional) in conjunction to serve as API-key. First, use Firebase to store a random string which will serve as API-key. Then use Cloudflare Firewall to set up a rule to prevent all requests without the key.

Scenario
Limit the rate at which users can call your API to prevent misuse
Jugaad Solution
Setting up a full-fledged rate-limiter is a resource-intensive feature. Cloudflare Firewall along with few lines of code, can be used to block a malicious IP if it crosses a pre-defined requests-per-second limit