I probably wouldn't cache "/attachments/*" because then they won't be checked for permissions. This means attachments in conversations could be linked and shared with anyone. No need to cache "/internal_data/*" either as files in that folder should never be accessed directly.
Some may disagree with this, but I've being playing around with Cloudfare for a while now and the below is what seems to work the best.
If you don't include some of the other directory folders then when your server goes offline there will not be a complete snapshot of your site available until it comes back. Just don’t include the install folder.
You will see a slight speed increase if you include the library folder, but the cache level must be set to Standard and not to Cache Everything. That is very important. The rest can be set to Cache Everything except for the ones where you are forcing Always Use HTTPS. I am using Cache Level: Bypass for those.