Frequently Asked Questions

What are page rules

Updated Time:2023-04-27  Views:18511

You can define a page rule to trigger one or more actions when a specific URL pattern is matched.

Caution:

1.Page rules require proxy DNS records to be turned on for your page rules to take effect.

2.Page rules do not apply to hostnames that do not exist in DNS records or are not directed to Cloudflare.

 

It is important to understand two basic page rule behaviors:

1. Page rules are listed in descending order in the rule list, with the highest priority rule at the top.

2. Only the highest priority matching page rules will take effect for requests.

It is recommended that rules be sorted in order from most specific to least specific.

Page rules match URL patterns based on the following format (consisting of five parts): ://<:port>/? <query string>.

An example URL with these four parts is shown below:

https://www.example.com:443/image.png?parameter1=value1

The scheme and port side are optional.

If scheme is omitted match http://和https:// protocol.

If no port is specified , the rule will match all ports.

Finally, you can disable page rules at any time. When a rule is disabled, no corresponding action is triggered, but the rule still appears in the page rule list, is editable, and counts toward the number of rules your protection version is allowed to create.

 

Understanding wildcard matching and referencing

You can use an asterisk (*) in any URL segment to match a specific pattern. For example:

example.com/t*st

Will match

example.com/test

example.com/toast

example.com/trust

example.com/foo/* does not match example.com/foo. However, example.com/foo* does.

 

Important Notes:

1, To match both http and https, just write example.com. there is no need to write *example.com.

2. To match every page in the domain, write example.com/*. Just writing example.com will not work.

3. To match every page on the domain and its subdomains, write * example.com/*. Just writing example.com does not work.

4. The wildcard character (*) in the page rule URL will match even if the character is not present, and can contain any part of the URL, including the query string.

 

Quote wildcard matching

You can quote the matching wildcard later using the $X syntax. X represents the index of the glob pattern. Thus, $1 represents the first wildcard match, $2 represents the second wildcard match, and so on.

This is especially useful for forwarding URL settings. For example:

You can forward:

http://*.example.com/*

To:

http://example.com/images/$1/$2.jpg

This rule will match:

http://cloud.example.com/flare.jpg

Eventually forwarded to:

http://example.com/images/cloud/flare.jpg

To use the literal $ character in a forwarding URL, escape it by prefixing it with a backslash (\): \$.

Avoid creating redirects where the domain name points to itself as the destination. This may result in an infinite redirect error and your site will not be available to visitors.

 

Summary of page rule settings

1.Security Level: Control options for security level functions in security applications.

2. Edge Cache TTL: Specifies the length of time to cache resources in the Cloudflare global network. The edge cache TTL is not visible in the response header.

3.Email Obfuscation Technology: Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield application.

4. Server-side exclusion: Turn on or off the server-side exclusion of the Cloudflare Scrape Shield application.

5. Cache level: Apply custom cache according to the selected option.

6. Cache Spoofing Armor: Prevents Web cache spoofing attacks while still allowing static assets to be cached. This setting verifies that the extension of the URL matches the returned Content-Type.

7. Disable Zaraz: Provides a way to use Google Analytics in conjunction with Zaraz, a solution that allows Google Analytics to collect data without having to load its scripts on the site.

8. Disable security: i.e. turn off email obfuscation, server-side exclusion.

9. Disable performance: i.e. turn off Auto Minify, Rocket Loader, Polish.

10. Disable applications: Close all active Cloudflare applications.

11. Browser cache TTL: control the time that the resources cached by the client browser remain valid.

12. Browser Integrity Check: Check if the visitor's browser has headers that are commonly associated with spammers and certain bots.

13. Bypass the cache on the cookie: If the regular expression matches the cookie name present in the request, the cache is bypassed and the resource is fetched from the source server.

If you add this setting and the Cache On Cookie setting to the same page rule, the Cache On Cookie takes precedence over the Bypass Cache on Cookie.

14. Always use HTTPS: If enabled, any http:// URL will be converted to https:// via a 301 redirect.

15. Random Encryption: Turns on or off the Cloudflare Opportunity Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS application.

16. Source server cache control: set the Cache-Control header to tell Cloudflare how to handle the content from the source.

17. Forwarding URLs: Use HTTP 301/302 redirects to redirect one URL to another.

18.Automatic HTTPS Rewrite: Turn on or off the Cloudflare Automatic HTTPS Rewrite feature in the Edge Certificates tab of the Cloudflare SSL/TLS application.

19.Auto Minify: Indicates the file extension to be automatically reduced on the cookie cache.

20. IP Geo Location Header: Cloudflare adds a CF-IPCountry HTTP header that contains the country code corresponding to the visitor.

21. Mirage: Turn on or off Cloudflare Mirage for the Cloudflare Speed application.

22.Polish: Cloudflare Polish is a one-click image optimization product that automatically optimizes the images on your site to speed up image downloads.

23.Rocket Loader: Rocket Loader prioritizes website content (text, images, fonts, etc.) by deferring the loading of all JavaScript until after rendering.

24.SSL: If enabled, any http:// URL will be converted to https:// via a 301 redirect.

25.Web Application Firewall: monitors web requests to your domain and filters out unwanted traffic based on the ruleset you enable.