I honestly don't blame Theymos for switching to Cloudflare. I've been in similar situations guarding larger*ish* sites. It certainly makes thing a hell of a lot simpler.
It's a good idea, but I'm not sure how I would set that up. I'd need either one unique server IP per user or some method of segregating users so that you can't just pay the fee, find the IP address of the "pro" forum, and attack that.
I could use the CF API to whitelist IPs for a fee, but most people don't browse from a static IP. Maybe it's possible to use CF page rules to whitelist certain cookies; I'm not sure.
I looked, not certain there is any feature YET at CF that allows this. There should be though, it would definitely help.