Configure features for multiple domain names at a time.

Note

Basic information

ipv6
  • Feature description: configures IPv6. For more information, see Configure IPv6.
  • Feature ID (FunctionID/FuncId): 194.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    switch String Yes Specifies whether to enable IPv6.
    • on: enables IPv6.
    • off: disables IPv6.
    on
    region String Yes The region where you want to enable IPv6.
    Note
    • An asterisk (*) specifies all regions. If you want to enable IPv6 in a specified region, submit a ticket.
    • If you do not set the region parameter, IPv6 is enabled in all regions.
    *
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "switch",
                "argValue": "on"
            }, {
                "argName": "region",
                "argValue": "*"
            }],
            "functionName": "ipv6"
        }],
        "DomainNames": "example.com"
    }

Origin fetch settings

set_req_host_header
  • Feature description: configures an origin host. For more information, see Configure an origin host.
  • Feature ID (FunctionID/FuncId): 18.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    domain_name String Yes The origin host. example.com
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "domain_name",
                "argValue": "example.com"
            }],
            "functionName": "set_req_host_header"
        }],
        "DomainNames": "example.com"
    }
forward_scheme
  • Feature description: configures the origin protocol policy. For more information, see Configure the origin protocol policy.
  • Feature ID (FunctionID/FuncId): 47.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable the origin protocol policy.
    • on: enables the origin protocol policy.
    • off: disables the origin protocol policy.
    on
    scheme_origin String No The protocol for back-to-origin routing. Valid values:
    • http: HTTP.
    • https: HTTPS.
    • follow: Alibaba Cloud CDN follows the protocol, HTTP or HTTPS, that is used by the clients.
    Note The default value is follow.
    follow
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "scheme_origin",
                "argValue": "follow"
            }, {
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "forward_scheme"
        }],
        "DomainNames": "example.com"
    }
l2_oss_key
  • Feature description: configures access control on private Object Storage Service (OSS) buckets. For more information, see Grant Alibaba Cloud CDN access permissions on private OSS buckets.
  • Feature ID (FunctionID/FuncId): 85.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    private_oss_auth String Yes Specifies whether to allow access to private OSS buckets.
    • on: allows access to private OSS buckets.
    • off: does not allow access to private OSS buckets.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "private_oss_auth",
                "argValue": "on"
            }],
            "functionName": "l2_oss_key"
        }],
        "DomainNames": "example.com"
    }
https_origin_sni
  • Feature description: configures Server Name Indication (SNI). For more information, see Configure SNI.
  • Feature ID (FunctionID/FuncId): 114.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enabled String Yes Specifies whether to enable origin SNI.
    • on: enables origin SNI.
    • off: disables origin SNI.
    on
    https_origin_sni String Yes The SNI information carried by back-to-origin requests. The SNI information specifies the address of the origin server. origin.example.com
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "https_origin_sni",
                "argValue": "origin.example.com"
            }, {
                "argName": "enabled",
                "argValue": "on"
            }],
            "functionName": "https_origin_sni"
        }],
        "DomainNames": "example.com"
    }
forward_timeout
  • Feature description: sets a request timeout period for back-to-origin routing. For more information, see Set a timeout period for back-to-origin HTTP requests.
  • Feature ID (FunctionID/FuncId): 124.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    forward_timeout Integer Yes The request timeout period. Unit: seconds.
    Note We recommend that you set the request timeout period to less than 100 seconds.
    30
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "forward_timeout",
                "argValue": "30"
            }],
            "functionName": "forward_timeout"
        }],
        "DomainNames": "example.com"
    }
advanced_origin
  • Feature description: configures advanced back-to-origin routing settings. For more information, see Advanced origin settings.
  • Feature ID (FunctionID/FuncId): 235.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    variable_type String Yes The type of the variable. Valid values:
    • header: a request header.
    • arg: a query string parameter in a request URL.
    • uri: a URL path in a request URL.
    • cookie: a request cookie.
    uri
    variable String Yes The name of the variable.
    Note If variable_type is set to uri, variable must be set to uri.
    uri
    conditions String Yes The condition. Valid values:
    • ==: equals.
    • !=: does not equal.
    ==
    value String Yes The value of the variable. /image
    origin String Yes The domain name of the origin server that is carried in a variable in a user request. Requests that are destined for the domain name are redirected to the specified origin server. origin.example.com
  • Example:
    {
      "Functions": [{
        "functionArgs": [{
          "argName": "conditions",
          "argValue": "=="
        }, {
          "argName": "variable_type",
          "argValue": "uri"
        }, {
          "argName": "value",
          "argValue": "/image"
        }, {
          "argName": "origin",
          "argValue": "origin.example.com"
        }, {
          "argName": "variable",
          "argValue": "uri"
        }],
        "functionName": "advanced_origin"
      }],
      "DomainNames": "example.com",
    }
follow_302
  • Feature description: configures 302 redirection. For more information, see Configure 302 redirection.
  • Feature ID (FunctionID/FuncId): 219.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable 302 redirection.
    • on: enables 302 redirection.
    • off: disables 302 redirection.
    on
    max_tries Integer No The maximum number of 302 redirects.
    • Default value: 2.
    • Valid values: 1 to 5.
    Note The number of times of back-to-origin routing -1 = The number of 302 redirects. The default value for the number of times of back-to-origin routing is 3, and valid values are 2 to 6.
    2
    retain_args String No Specifies whether request parameters are retained during 302 redirects.
    • on: retains request parameters.
    • off: does not retain request parameters. This is the default value.
    off
    retain_header String No Specifies whether request headers are retained during 302 redirects.
    • on: retains request headers.
    • off: does not retain request headers. This is the default value.
    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "max_tries",
                "argValue": 2
            }, {
                "argName": "retain_args",
                "argValue": "off"
            }, {
                "argName": "retain_header",
                "argValue": "off"
            }],
            "functionName": "follow_302"
        }],
        "DomainNames": "example.com"
    }
set_req_header
  • Feature description: configures a custom HTTP header (version 1) for back-to-origin requests. For more information, see Configure an HTTP header for back-to-origin requests.
    Note set_req_header is version 1. We recommend that you use version 2: origin_request_header. Version 2 supports more headers.
  • Feature ID (FunctionID/FuncId): 39.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    key String Yes The name of the header. Accept-Encoding
    value String Yes The value of the header. If you want to delete a header, set the header value to null. gzip
  • Example 1: Add an HTTP header for back-to-origin requests.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "value",
                "argValue": "gzip"
            }, {
                "argName": "key",
                "argValue": "Accept-Encoding"
            }],
            "functionName": "set_req_header"
        }],
        "DomainNames": "example.com"
    }
  • Example 2: Delete an HTTP header for back-to-origin requests by setting value to null.
    {
        "Functions": [{
         "functionArgs": [{
            "argName": "value",
            "argValue": "null"
          }, {
           "argName": "key",
           "argValue": "User-Agent"
          }],
          "functionName": "set_req_header"
        }],
        "DomainNames": "example.com"
    }
origin_request_header
  • Feature description: configures a custom HTTP request header (version 2) for back-to-origin requests. For more information, see Rewrite HTTP headers in back-to-origin requests (upgraded feature).
  • Feature ID (FunctionID/FuncId): 228.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    header_operation_type String Yes The operation that you want to perform. Valid values:
    • add: adds a header.
    • delete: deletes a header.
    • modify: modifies a header.
    • rewrite: replaces a header.
    add
    header_name String Yes The name of the request header. Accept-Encoding
    header_value String No The value of the request header. You can specify one or more values for a request header. Separate values with commas (,). gzip
    duplicate String No Specifies whether duplicate request headers are allowed. If header_operation_type is set to add, you must set this parameter.
    • on: allows duplicate headers.
    • off: does not allow duplicate headers.
    off
    header_source String No The header value that you want to replace. If header_operation_type is set to rewrite, you must set this parameter. Regular expressions are supported. value1
    header_destination String No The header value that is used to replace the original header value. If header_operation_type is set to rewrite, you must set this parameter. value123
    match_all String No The replace mode. If header_operation_type is set to rewrite, you must specify a replace mode.
    • on: replaces all matching values. All header values that match the search condition are replaced.
    • off: replaces only the first matching value. Only the first value that matches the search condition is replaced.
    off
  • Example: Add a request header to requests that are destined for example.com. Set the header name to Accept-Encoding, and the header value to gzip.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "header_operation_type",
                "argValue": "add"
            }, {
                "argName": "header_name",
                "argValue": "Accept-Encoding"
            }, {
                "argName": "header_value",
                "argValue": "gzip"
            }, {
                "argName": "duplicate",
                "argValue": "off"
            }],
            "functionName": "origin_request_header"
        }],
        "DomainNames": "example.com"
    }
origin_response_header
  • Feature description: configures an HTTP response header. For more information, see Rewrite HTTP response headers.
  • Feature ID (FunctionID/FuncId): 229.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    header_operation_type String Yes The operation that you want to perform. Valid values:
    • add: adds a response header.
    • delete: deletes a response header.
    • modify: modifies a response header.
    • rewrite: replaces a response header.
    add
    header_name String Yes The name of the response header. Cache-Control
    header_value String No The value of the response header. You can specify one or more values for a response header. Separate values with commas (,). no-cache
    duplicate String No Specifies whether duplicate response headers are allowed. If header_operation_type is set to add, you must set this parameter.
    • on: allows duplicate response headers.
    • off: does not allow duplicate response headers.
    off
    header_source String No The header value that you want to replace. If header_operation_type is set to rewrite, you must set this parameter. Regular expressions are supported. value1
    header_destination String No The header value that is used to replace the original header value. If header_operation_type is set to rewrite, you must set this parameter. value123
    match_all String No The replace mode. If header_operation_type is set to rewrite, you must specify a replace mode.
    • on: replaces all matching values. All header values that match the search condition are replaced.
    • off: replaces only the first matching value. Only the first value that matches the search condition is replaced.
    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "header_operation_type",
                "argValue": "add"
            }, {
                "argName": "header_name",
                "argValue": "Cache-Control"
            }, {
                "argName": "header_value",
                "argValue": "no-cache"
            }, {
                "argName": "duplicate",
                "argValue": "off"
            }],
            "functionName": "origin_response_header"
        }],
        "DomainNames": "example.com"
    }
back_to_origin_url_rewrite
  • Feature description: rewrites URIs in back-to-origin requests. For more information, see Rewrite URIs in back-to-origin requests.
  • Feature ID (FunctionID/FuncId): 225.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    source_url String Yes The URI that you want to rewrite. ^/hello$
    target_url String Yes The final URI. /hello/test
    flag String No The rewrite flag. Valid values:
    • None: If the current rule is matched, the system continues matching the URI against other rules.
    • break: If the current rule is matched, the system skips other rules.
    • enhance_break: This flag is similar to break, but writes the URL parameters and takes effect for Flash Video (FLV) live streaming.
    break
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "flag",
                "argValue": "break"
            }, {
                "argName": "source_url",
                "argValue": "^/hello$"
            }, {
                "argName": "target_url",
                "argValue": "/hello/test"
            }],
            "functionName": "back_to_origin_url_rewrite"
        }],
        "DomainNames": "example.com",
    }
back_to_origin_argument_rewrite
  • Feature description: rewrites parameters in back-to-origin requests. For more information, see Rewrite URL parameters in back-to-origin requests.
    Note Action priorities: Add > Delete > Retain > Modify. Separate parameters with spaces.
  • Feature ID (FunctionID/FuncId): 224.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    delete_argument String No The parameters that you want to delete. Separate parameters with spaces. code1
    save_argument String No The parameters that you want to retain. Separate parameters with spaces. Only the specified parameters are retained. The Add and Delete rules take effect at the same time. N/A
    ignore_all_argument String No Specifies whether you want to ignore all parameters. Default value: off. Valid values:
    • on: ignores all parameters. Only the Add rule takes effect. The Delete, Retain, and Modify rules do not take effect.
    • off: does not ignore parameters. The Retain, Add, and Delete rules remain effective.
    Note The Retain rule and Ignore rule are mutually exclusive. If you do not set Alibaba Cloud CDN to ignore parameters, only the specified parameters are retained. The Add and Delete rules still take effect.
    on
    add_argument String No The parameters that you want to add. Separate parameters with spaces. value=123
    modify_argument String No The parameters that you want to modify. Separate parameters with spaces. value=321
    enable String Yes Specifies whether to enable parameter filtering.
    • on: enables parameter filtering.
    • off: disables parameter filtering.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "delete_argument",
                "argValue": ""
            }, {
                "argName": "save_argument",
                "argValue": ""
            }, {
                "argName": "add_argument",
                "argValue": ""
            }, {
                "argName": "modify_argument",
                "argValue": ""
            }, {
                "argName": "ignore_all_argument",
                "argValue": "on"
            }, {
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "back_to_origin_argument_rewrite"
        }],
        "DomainNames": "example.com"
    }
aws_s3_bucket
  • Feature description: configures Amazon Simple Storage Service (S3) authentication.
  • Feature ID (FunctionID/FuncId): 186.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enabled String Yes Specifies whether to enable AWS S3 authentication.
    • I2: enables AWS S3 authentication.
    • off: disables AWS S3 authentication.
    l2
    bucketname String No The name of the Amazon S3 bucket. /
    accesskey String Yes The AWS access key. 123456789
    secretkey String Yes The AWS secret key. 12345678
    region String Yes The region of the Amazon S3 bucket. us-east-2
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enabled",
                "argValue": "l2"
            }, {
                "argName": "accesskey",
                "argValue": "123456789"
            }, {
                "argName": "secretkey",
                "argValue": "123456789"
            }, {
                "argName": "region",
                "argValue": "us-east-2"
            }],
            "functionName": "aws_s3_bucket"
        }],
        "DomainNames": "example.com"
    }
origin_certificate_verification
  • Feature description: configures an SNI whitelist. For more information, see Common Name whitelist.
  • Feature ID (FunctionID/FuncId): 223.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enabled String Yes Specifies whether to enable the SNI whitelist.
    • on: enables the SNI whitelist.
    • off: disables the SNI whitelist.
    on
    common_name_whitelist String No The domain names that you want to add to the SNI whitelist. Separate domain names with commas (,). Domain names in the whitelist are considered authenticated. example.com
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "common_name_whitelist",
                "argValue": "example.com"
            }],
            "functionName": "origin_certificate_verification"
        }],
        "DomainNames": "example.com"
    }
origin_dns_host
  • Feature description: configures a domain name for back-to-origin routing.
  • Feature ID (FunctionID/FuncId): 212.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    ali_origin_dns_host String Yes The domain name for back-to-origin routing. Requests destined for the specified domain name are resolved to the address of the origin server. example.com
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ali_origin_dns_host",
                "argValue": "example.com"
            }],
            "functionName": "origin_dns_host"
        }],
        "DomainNames": "example.com"
    }
origin_host
  • Feature description: configures a host for an origin server.
  • Feature ID (FunctionID/FuncId): 242.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    origin String Yes The address of the origin server. If you do not specify an origin address, set origin to all. example.com
    host String Yes The host. host.example.com
  • Example 1: When a user forwards requests to the origin server example.com, the value of host is host.example.com.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "origin",
                "argValue": "example.com"
            }, {
                "argName": "host",
                "argValue": "host.example.com"
            }],
            "functionName": "origin_host"
        }],
        "DomainNames": "example.com"
    }
  • Example 2: When a user forwards requests to all origin servers, the value of origin is all, and the value of host for all origin servers is host.example.com.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "origin",
                "argValue": "all"
            }, {
                "argName": "host",
                "argValue": "host.example.com"
            }],
            "functionName": "origin_host"
        }],
        "DomainNames": "example.com"
    }
ali_origin_port_scheme
  • Feature description: configures a port and a protocol for back-to-origin routing.
  • Feature ID (FunctionID/FuncId): 276.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    port String Yes The port for back-to-origin routing.
    Note If scheme is set to follow, set the value in the following format: http:80|https:443.
    80
    scheme String Yes The back-to-origin protocol. Valid values: http, https, follow, https_sm, and follow_sm.
    • http: HTTP.
    • https: HTTPS.
    • follow: Alibaba Cloud CDN follows the protocol, HTTP or HTTPS, that is used by the clients. When the HTTPS protocol is used, only the Rivest-Shamir-Adleman (RSA) algorithm is supported.
      • When the client uses the HTTP protocol, the HTTP protocol is used for back-to-origin routing.
      • When the client uses the HTTPS protocol:
        • If the client uses the RSA algorithm, the HTTPS protocol and the RSA algorithm are used for back-to-origin routing.
        • If the client uses the ShangMi (SM) algorithm, the HTTPS protocol and the RSA algorithm are used for back-to-origin routing.
    • https_sm: The HTTPS protocol and the SM algorithm are used for back-to-origin routing.
    • follow_sm: Alibaba Cloud CDN follows the protocol, HTTP or HTTPS, that is used by the clients. Both the RSA and SM algorithms are supported.
      • When the client uses the HTTP protocol, the HTTP protocol is used for back-to-origin routing.
      • When the client uses the HTTPS protocol:
        • If the client uses the RSA algorithm, the HTTPS protocol and the RSA algorithm are used for back-to-origin routing.
        • If the client uses the SM algorithm, the HTTPS protocol and the SM algorithm are used for back-to-origin routing.
    Note RSA is an algorithm that complies with international standards. SM is a self-developed algorithm in China and is recognized by the State Cryptography Administration.
    http
  • Example 1: Set scheme to http and the back-to-origin port to 80.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "port",
                "argValue": "80"
            }, {
                "argName": "scheme",
                "argValue": "http"
            }],
            "functionName": "ali_origin_port_scheme"
        }],
        "DomainNames": "example.com"
    }
  • Example 2: Set scheme to follow. When the HTTP protocol is used for back-to-origin routing, requests are sent to port 80 of the origin server. When the HTTPS protocol is used for back-to-origin routing, requests are sent to port 443 of the origin server.
    {
     "Functions": [{
       "functionArgs": [{
         "argName": "port",
         "argValue": "http:80|https:443"
        }, {
         "argName": "scheme",
         "argValue": "follow"
        }],
        "functionName": "ali_origin_port_scheme"
     }],
      "DomainNames": "example.com"
    }
origin_sni
  • Feature description: configures SNI for a specified origin sever.
  • Feature ID (FunctionID/FuncId): 262.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    origin String Yes The address of the origin server. If you do not specify an origin address, set origin to all. example.com
    sni_host String Yes The SNI host that you want to specify. example.org
    keepalive_sni String No Specifies whether to enable SNI matching for persistent connections.
    • on: enables SNI matching.
    • off: disables SNI matching.
    Note If SNI matching is enabled, requests with different SNI hostnames use different persistent connections.
    /
  • Example 1: When a user forwards requests to the origin server example.com, the value of SNI is example.org.
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "origin",
                "argValue": "example.com"
            }, {
                "argName": "sni_host",
                "argValue": "example.org"
            }],
            "functionName": "origin_sni"
        }],
        "DomainNames": "example.com"
    }
  • Example 2: When a user forwards requests to all origin servers, the value of origin is all, and the value of SNI for all origin servers is example.org.
    {
     "Functions": [{
       "functionArgs": [{
         "argName": "origin",
         "argValue": "all"
        }, {
         "argName": "sni_host",
         "argValue": "example.org"
       }],
       "functionName": "origin_sni"
      }],
      "DomainNames": "example.com"
    }
source_group
  • Feature description: configures an origin server group.
  • Feature ID (FunctionID/FuncId): 294.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    source_group_name String Yes The name of an origin server group. The name can be up to 128 bytes in length and can contain lowercase letters, digits, and underscores (_). example_origin
    source_info String Yes The information about origin servers, in the format of Origin server address_Priority_Weight_Port. Separate multiple values with commas (,).
    • Origin server address: supports IPv4 addresses, IPv6 addresses, and domain names.
    • Priority: The value ranges from 1 to 65535. A smaller value indicates a higher priority.
    • Weight: The value ranges from 1 to 100. The proportions of requests sent to different origin servers are allocated based on the weights of the origin servers during CDN back-to-origin routing.
    • Port: The value ranges from 1 to 65535.
    • A single origin server: 192.168.0.1_10_33_80
    • Multiple origin servers: 192.168.0.1_10_33_80,192.0.2.1_10_67_80
    retry_times Integer No The number of back-to-origin retries. 3
    retry_status_rule Integer No The status codes for back-to-origin retries. Separate multiple status codes with commas (,). 404,502
    failback_source String No The basic source information used for backup. Valid values:
    • on: If all origin servers in an origin server group are unavailable, the origin server address configured in the Origin Information section on the Basic Settings tab is used.
    • off: If all origin servers in an origin server group are unavailable, a 5xx status code indicating that the origin servers are unavailable is returned to the client.
    on
  • Example:
    {  
      "Functions": [{     
        "functionArgs": [{    
          "argName": "source_group_name",       
          "argValue": "test_yidong" 
      }, { 
          "argName": "source_info", 
          "argValue": "192.168.0.1_10_33_80,192.0.2.1_10_67_80" 
      }, {   
          "argName": "retry_times",  
          "argValue": "3"       
      }, {  
          "argName": "retry_status_rule",  
          "argValue": "404,502"    
      }, {  
          "argName": "failback_source",        
          "argValue": "on"  
      }],    
        "functionName": "source_group" 
      }],  
      "DomainNames": "example.com"
    }
ipv6_origin
  • Feature description: configures back-to-origin routing over IPv6.
  • Feature ID (FunctionID/FuncId): 265.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable back-to-origin routing over IPv6.
    • on: enables back-to-origin routing over IPv6.
    • off: disables back-to-origin routing over IPv6.
    Note After this feature is enabled, the origin servers provide IPv6 services.
    • If both the CDN edge node and the origin server have available IPv6 addresses, an IPv6 connection is used.
    • An IPv4 connection is used in the following scenarios:
      • The CDN edge node does not have an available IPv6 address.
      • The origin server does not have an available IPv6 address.
      • Neither the CDN edge node nor the origin server has an available IPv6 address.
    on
    follow String Yes Specifies whether to follow the version of the IP protocol that is used by the client.
    • on: follows the version of the IP protocol that is used by the client.
    • off: does not follow the version of the IP protocol that is used by the client.
    Note After you enable the feature, the IP protocol version of the client is used for CDN back-to-origin routing.
    • If a client request uses IPv6, an origin server that uses IPv6 is used for CDN back-to-origin routing. If no origin server uses IPv6, an origin server that uses IPv4 is used.
    • If a client request uses IPv4, an origin server that uses IPv4 is used for CDN back-to-origin routing. If no origin server uses IPv4, an origin server that uses IPv6 is used.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            },{
                "argName": "follow",
                "argValue": "on"
            }],
            "functionName": "ipv6_origin"
        }],
        "DomainNames": "example.com"
    }

Cache settings

filetype_based_ttl_set
  • Feature description: configures a time-to-live (TTL) for files. For more information, see Add a cache rule.
  • Feature ID (FunctionID/FuncId): 6.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ttl Integer Yes The TTL. Unit: seconds. Valid values: 1 to 99999999, which is more than 3 years. 500000
    file_type String Yes The file name extensions, which are case-sensitive. Separate file name extensions with commas (,). Example: jpg,txt. jpg
    weight Integer No The weight. Valid values: 1 to 99.
    Note The default value is 1. A greater value indicates a higher priority.
    1
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "file_type",
                "argValue": "jpg"
            }, {
                "argName": "weight",
                "argValue": "1"
            }, {
                "argName": "ttl",
                "argValue": "500000"
            }],
            "functionName": "filetype_based_ttl_set"
        }],
        "DomainNames": "example.com"
    }
path_based_ttl_set
  • Feature description: configures a TTL for directories. For more information, see Add a cache rule.
  • Feature ID (FunctionID/FuncId): 7.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ttl Integer Yes The TTL. Unit: seconds. Valid values: 1 to 99999999, which is more than 3 years. 500000
    path String Yes The directory. It must start with a forward slash (/). /example/demo
    weight Integer No The weight. Valid values: 1 to 99.
    Note The default value is 1. A greater value indicates a higher priority.
    1
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "path",
                "argValue": "/example/demo"
            }, {
                "argName": "weight",
                "argValue": "1"
            }, {
                "argName": "ttl",
                "argValue": "500000"
            }],
            "functionName": "path_based_ttl_set"
        }],
        "DomainNames": "example.com"
    }
filetype_force_ttl_code
  • Feature description: configures a TTL for HTTP status codes of files. For more information, see Create a cache rule for HTTP status codes.
  • Feature ID (FunctionID/FuncId): 63.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    file_type String Yes The file name extensions, which are case-sensitive. Separate file name extensions with commas (,). Example: jpg,txt. jpg
    code_string String Yes The status code and its TTL. Unit: seconds. Valid values: 1 to 99999999, which is more than 3 years. Separate multiple values with commas (,). Example: 302=0,301=0,4xx=2. 403=10
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "file_type",
                "argValue": "jpg"
            }, {
                "argName": "code_string",
                "argValue": "403=10"
            }],
            "functionName": "filetype_force_ttl_code"
        }],
        "DomainNames": "example.com"
    }
path_force_ttl_code
  • Feature description: configures a TTL value for HTTP status codes of paths. For more information, see Create a cache rule for HTTP status codes.
  • Feature ID (FunctionID/FuncId): 65.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    path String Yes The directory. It must start with a forward slash (/). Example: /image. /example/demo
    code_string String Yes The status code and its TTL. Unit: seconds. Valid values: 1 to 99999999, which is more than 3 years. Separate multiple values with commas (,). Example: 302=0,301=0,4xx=2. 403=10,404=15
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "path",
                "argValue": "/example/demo"
            }, {
                "argName": "code_string",
                "argValue": "403=10,404=15"
            }],
            "functionName": "path_force_ttl_code"
        }],
        "DomainNames": "example.com"
    }
set_resp_header
  • Feature description: configures a custom HTTP response header. For more information, see Create a custom HTTP response header.
  • Feature ID (FunctionID/FuncId): 27.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    key String Yes The response header. Cache-Control
    value String Yes The header values. Separate header values with commas (,).
    Note If you want to delete a response header, set the header value to null.
    no-cache
    header_operation_type String No The operation that you want to perform. Valid values:
    • add: adds a response header.
    • delete: deletes a response header.
    • modify: modifies a response header.
    • rewrite: replaces a response header.
    add
    duplicate String No Specifies whether duplicate response headers are allowed. If header_operation_type is set to add, you must set this parameter.
    • on: allows duplicate response headers.
    • off: does not allow duplicate response headers.
    off
    header_source String No The header value that you want to replace. If header_operation_type is set to rewrite, you must set this parameter. Regular expressions are supported. value1
    header_destination String No The header value that is used to replace the original header value. If header_operation_type is set to rewrite, you must set this parameter. value123
    match_all String No The replace mode. If header_operation_type is set to rewrite, you must specify a replace mode.
    • on: replaces all matching values. All header values that match the search condition are replaced.
    • off: replaces only the first matching value. Only the first value that matches the search condition is replaced.
    /
    access_origin_control String No Specifies whether to enable cross-origin resource sharing (CORS).
    • on: enables CORS.
    • off: disables CORS.
    /
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "header_operation_type",
                "argValue": "add"
            }, {
                "argName": "key",
                "argValue": "Cache-Control"
            }, {
                "argName": "value",
                "argValue": "no-cache"
            }, {
                "argName": "duplicate",
                "argValue": "off"
            }],
            "functionName": "set_resp_header"
        }],
        "DomainNames": "example.com"
    }
error_page
  • Feature description: configures a custom error page. For more information, see Create a custom error page.
  • Feature ID (FunctionID/FuncId): 15.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    error_code Integer Yes The HTTP status code. 404
    rewrite_page String Yes The page to which requests are redirected. http://example.aliyundoc.com/error404.html
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "error_code",
                "argValue": "404"
            }, {
                "argName": "rewrite_page",
                "argValue": "http://example.aliyundoc.com/error404.html"
            }],
            "functionName": "error_page"
        }],
        "DomainNames": "example.com"
    }
host_redirect
  • Feature description: configures a URI rewrite rule. For more information, see Create a URI rewrite rule.
  • Feature ID (FunctionID/FuncId): 43.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    regex String Yes The URI that you want to rewrite. It must start with a forward slash (/) and cannot contain http:// or a domain name. You can use Perl Compatible Regular Expressions (PCRE) to specify the URI, for example, ^/hello$. ^/hello$
    replacement String Yes The final URI. It must start with a forward slash (/) and cannot contain http:// or a domain name. /hello/test
    flag String Yes The operation that you want the edge nodes to perform after a URI is rewritten. Valid values:
    • redirect: If the URI in a request matches the current rule, Alibaba Cloud CDN returns the HTTP 302 status code and the request is redirected to the final URI. After the current rule is executed, the request is matched against other rules.
    • break: If the URI in a request matches the current rule, the request is redirected to the final URI. After the current rule is executed, other rules are skipped.
    redirect
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "flag",
                "argValue": "redirect"
            }, {
                "argName": "regex",
                "argValue": "^/hello$"
            }, {
                "argName": "replacement",
                "argValue": "/hello/test"
            }],
            "functionName": "host_redirect"
        }],
        "DomainNames": "example.com"
    }
self_defined_cachekey
  • Feature description: configures a custom cache key. For more information, see Custom cache keys.
  • Feature ID (FunctionID/FuncId): 227.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    uri Array of String No Rewrite a URI and save the final URI as a cache key.
    • uri_to_rewrite: specifies the original URI that you want to rewrite.
    • ai_uri_regex: specifies the final URI.
    [{"uri_to_rewrite":"/hello","ai_uri_regex":"/hello/test"}]
    args Array of String No Add, delete, modify, or retain parameters in requests, and save the URI as a cache key. Valid values:
    • args_operation_type: specifies an operation. Valid values: add, delete, modify, and keep.
    • args: specifies the content that you want to add, delete, modify, or retain.
    [{"args":"test=123","args_operation_type":"add"}]
    headers String No Add multiple HTTP headers to a URI and the cache key. Separate headers with spaces. example
    variable Array of String No The custom variables. You can use a regular expression to extract fields from request query strings, HTTP headers, cookies, and URIs, and add the extracted fields to cache keys. []
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "uri",
                "argValue": [{
                    "uri_to_rewrite": "/hello",
                    "ai_uri_regex": "/hello/test"
                }]
            }, {
                "argName": "args",
                "argValue": [{
                    "args": "test=123",
                    "args_operation_type": "add"
                }]
            }, {
                "argName": "headers",
                "argValue": ""
            }, {
                "argName": "variable",
                "argValue": []
            }],
            "functionName": "self_defined_cachekey"
        }],
        "DomainNames": "example.com"
    }

HTTPS settings

https_option
  • Feature description: configures basic HTTPS parameters. For more information, see Configure an SSL certificate, Enable HTTP/2, and Configure OCSP stapling.
  • Feature ID (FunctionID/FuncId): 78.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    http2 String No Specifies whether to enable HTTP/2.
    • on: enables HTTP/2.
    • off: disables HTTP/2.
    on
    ocsp_stapling String No Specifies whether to enable Online Certificate Status Protocol (OCSP) stapling.
    • on: enables OCSP stapling.
    • off: disables OCSP stapling.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "http2",
                "argValue": "on"
            }, {
                "argName": "ocsp_stapling",
                "argValue": "on"
            }],
            "functionName": "https_option"
        }],
        "DomainNames": "example.com"
    }
http_force
  • Feature description: configures URL redirection to HTTP. For more information, see Configure URL redirection.
  • Feature ID (FunctionID/FuncId): 45.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable URL redirection to HTTP.
    • on: enables URL redirection to HTTP.
    • off: disables URL redirection to HTTP.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "http_force"
        }],
        "DomainNames": "example.com"
    }
https_force
  • Feature description: configures URL redirection to HTTPS. For more information, see Configure URL redirection.
  • Feature ID (FunctionID/FuncId): 44.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable URL redirection to HTTPS.
    • on: enables URL redirection to HTTPS.
    • off: disables URL redirection to HTTPS.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "https_force"
        }],
        "DomainNames": "example.com"
    }
https_tls_version
  • Feature description: configures a Transport Layer Security (TLS) version. For more information, see Configure TLS version control.
  • Feature ID (FunctionID/FuncId): 110.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    tls10 String No Specifies whether to enable TLSv 1.0.
    • on: enables TLSv 1.0. This is the default value.
    • off: disables TLS v1.0.
    on
    tls11 String No Specifies whether to enable TLSv1.1.
    • on: enables TLSv1.1. This is the default value.
    • off: disables TLS v1.1.
    on
    tls12 String No Specifies whether to enable TLSv1.2.
    • on: enables TLSv1.2. This is the default value.
    • off: disables TLS v1.2.
    on
    tls13 String No Specifies whether to enable TLSv1.3.
    • on: enables TLSv1.3. This is the default value.
    • off: disables TLS v1.3.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "tls10",
                "argValue": "on"
            }, {
                "argName": "tls11",
                "argValue": "on"
            }, {
                "argName": "tls12",
                "argValue": "on"
            }, {
                "argName": "tls13",
                "argValue": "on"
            }, ],
            "functionName": "https_tls_version"
        }],
        "DomainNames": "example.com"
    }
HSTS
  • Feature description: configures HTTP Strict Transport Security (HSTS). For more information, see Configure HSTS.
  • Feature ID (FunctionID/FuncId): 112.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enabled String Yes Specifies whether to enable HSTS.
    • on: enables HSTS.
    • off: disables HSTS.
    on
    https_hsts_max_age Integer Yes The TTL, in seconds.
    Note We recommend that you set the TTL to 5184000 seconds (60 days).
    5184000
    https_hsts_include_subdomains String No Specifies whether you want the HSTS header to include subdomains. Valid values: on and off.
    Note Proceed with caution when you enable this feature. Make sure that HTTPS is enabled for all the subdomains of the accelerated domain name. Otherwise, the HTTPS URLs to which requests are redirected from the subdomains become inaccessible.
    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enabled",
                "argValue": "on"
            }, {
                "argName": "https_hsts_max_age",
                "argValue": "5184000"
            }, {
                "argName": "https_hsts_include_subdomains",
                "argValue": "off"
            }],
            "functionName": "HSTS"
        }],
        "DomainNames": "example.com"
    }

Access control settings

referer_white_list_set
  • Feature description: configures a Referer whitelist. For more information, see Configure a Referer whitelist or blacklist to enable hotlink protection.
  • Feature ID (FunctionID/FuncId): 1.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    refer_domain_allow_list String Yes The domain names that you want to add to the Referer whitelist. You can specify one or more domain names and separate them with commas (,). example.aliyundoc.com,demo.aliyundoc.com
    allow_empty String No Specifies whether requests with an empty Referer header are allowed to access resources on Alibaba Cloud CDN edge nodes. Valid values:
    • on: allows requests with an empty Referer header.
    • off: does not allow requests with an empty Referer header.
    off
    redirect_url String No Specifies the redirect URL. When the Referer information in the request does not match the whitelist, the 403 status code is not returned after the request is blocked. Instead, the 302 status code and the Location header are returned. This parameter is the value of the Location header and starts with http:// or https://. http://www.example.com
    disable_ast String No Specifies whether to enable exact match for domain names in the whitelist. If you set this parameter to on, exact match is enabled, and domain names with dots (.) can be matched. For example, .example.com.
    • When this parameter is set to on:
      • If you add example.com to the whitelist, example.com is matched.
      • If you add a*b.example.com to the whitelist, a <Any characters>b.example.com.
    • When this parameter is set to off (default value):
      • If you add example.com to the whitelist, example.com is matched.
      • If you add a*.example.com to the whitelist, a <Any characters>.example.com is matched.
      • If you add .example.com to the whitelist, <Any characters>.example.com and example.com are matched.
    off
    ignore_scheme String No Specifies whether to ignore scheme. After you enable this feature, if the Referer in the request does not have an HTTP or HTTPS header, the Referer is still considered valid. Valid values:
    • If the value is on, the Referer is in the following format:

      referer: www.example.com

    • If the value is off (default), the Referer is in the following format:

      referer: https://www.example.com

    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "allow_empty",
                "argValue": "off"
            }, {
                "argName": "refer_domain_allow_list",
                "argValue": "example.aliyundoc.com,demo.aliyundoc.com"
            }],
            "functionName": "referer_white_list_set"
        }],
        "DomainNames": "example.com"
    }
referer_black_list_set
  • Feature description: configures a Referer blacklist. For more information, see Configure a Referer whitelist or blacklist to enable hotlink protection.
  • Feature ID (FunctionID/FuncId): 5.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    refer_domain_deny_list String Yes The domain names that you want to add to the Referer blacklist. You can specify one or more domain names and separate them with commas (,). example.aliyundoc.com,demo.aliyundoc.com
    allow_empty String No Specifies whether requests with an empty Referer header are allowed to access resources on Alibaba Cloud CDN edge nodes.
    • on: allows duplicate headers.
    • off: does not allow requests with an empty Referer header.
    off
    redirect_url String No Specifies the redirect URL. When the Referer information in the request does not match the whitelist, the 403 status code is not returned after the request is blocked. Instead, the 302 status code and the Location header are returned. This parameter is the value of the Location header and starts with http:// or https://. http://www.example.com
    disable_ast String No Specifies whether to enable exact match for domain names in the blacklist. If you set this parameter to on, exact match is enabled, and domain names with dots (.) can be matched. For example, .example.com.
    • When this parameter is set to on:
      • If you add example.com to the blacklist, example.com is matched.
      • If you add a*b.example.com to the blacklist, a <Any characters>b.example.com.
    • When this parameter is set to off (default):
      • If you add example.com to the blacklist, example.com is matched.
      • If you add a*.example.com to the blacklist, a <Any characters>.example.com is matched.
      • If you add .example.com to the blacklist, <Any characters>.example.com and example.com are matched.
    off
    ignore_scheme String No Specifies whether to enable the feature of ignoring scheme. After you enable this feature, if the Referer in the request does not have an HTTP or HTTPS header, the Referer is still considered valid. Valid values:
    • If the value is on, the Referer is in the following format:

      referer: www.example.com

    • If the value is off (default), the Referer is in the following format:

      referer: https://www.example.com

    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "allow_empty",
                "argValue": "off"
            }, {
                "argName": "refer_domain_deny_list",
                "argValue": "example.aliyundoc.com,demo.aliyundoc.com"
            }],
            "functionName": "referer_black_list_set"
        }],
        "DomainNames": "example.com"
    }
aliauth
  • Feature description: configures URL signing. For more information, see Configure URL signing.
  • Feature ID (FunctionID/FuncId): 25.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    auth_m3u8 String No Specifies whether to enable M3U8 rewrite. M3U8 rewrite authenticates TS files. If M3U8 rewrite is disabled, access to TS files may be denied. Valid values: on and off. Default value: on. on
    auth_type String Yes The signing type. Valid values:
    • no_auth: disables URL signing.
    • type_a: enables type A signing.
    • type_b: enables type B signing.
    • type_c: enables type C signing.
    type_a
    auth_key1 String Yes The cryptographic key 1. The key is 16 to 128 characters in length, and can contain letters and digits. 1234567890123456789
    auth_key2 String No The cryptographic key 2. The key is 16 to 128 characters in length, and can contain letters and digits. 1234567890123456789
    ali_auth_delta Integer No The TTL of the signed URLs. The TTL is measured in seconds. Default value: 1800. 1800
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "auth_type",
                "argValue": "type_a"
            }, {
                "argName": "auth_key1",
                "argValue": "1234567890123456789"
            }, {
                "argName": "auth_key2",
                "argValue": "1234567890123456789"
            }, {
                "argName": "ali_auth_delta",
                "argValue": 1800
            }],
            "functionName": "aliauth"
        }],
        "domainNames": "example.com"
    }
cdn_remote_auth
  • Feature description: configures remote authentication. For more information, see Configure remote authentication.
  • Feature ID (FunctionID/FuncId): 258.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable remote authentication.
    • on: enables remote authentication.
    • off: disables remote authentication.
    on
    remote_auth_addr String Yes The address of the authentication server. Valid formats: https://cdn.aliyun.com/auth and http://10.10.10.10/auth. https://example.aliyundoc.com/auth
    remote_auth_method String Yes The request method. Valid values: get, post, and head. get
    remote_auth_type String Yes The file types. A value of all specifies all types. Separate file types with vertical bars (|). The value is case-sensitive. For example, jpg is different from JPG. all
    remote_auth_reserve_args String Yes The parameters that you want to retain. A value of all retains all parameters. Separate parameters with vertical bars (|). A value of ali_delete_all_args deletes all parameters. The value is case-sensitive. For example, key is different from KEY. all
    remote_auth_custom_args String No The parameters that you want to add. Separate parameters with vertical bars (|). The value is case-sensitive. For example, key is different from KEY. No value is specified.
    remote_auth_reserve_header String Yes The request headers that you want to retain.
    • all: retains all request headers. Separate request headers with vertical bars (|).
    • ali_delete_all_headers: deletes all request headers. The value is not case-sensitive. For example, http_remote_addr is equivalent to HTTP_Remote_Addr.
    all
    remote_auth_custom_header String No The request headers that you want to add. Separate request headers with vertical bars (|). The value is not case-sensitive. For example, http_remote_addr is equivalent to HTTP_Remote_Addr. No value is specified.
    remote_auth_success_code Integer Yes The HTTP status code returned when a request passes authentication. For example, if you set the value to 200, the authentication server returns the HTTP 200 status code to Alibaba Cloud CDN when a request passes authentication. 200
    remote_auth_fail_code Integer Yes The HTTP status code returned to Alibaba Cloud CDN when a request fails authentication. For example, if you set the value to 403, the authentication server returns the HTTP 403 status code to Alibaba Cloud CDN when a request fails authentication. 403
    remote_auth_fail_resp_code Integer Yes The HTTP status code returned from Alibaba Cloud CDN to users when a request passes authentication. For example, if you set the value to 403, Alibaba Cloud CDN returns the HTTP 403 status code to the user when a request fails authentication. 403
    remote_auth_timeout Integer Yes The authentication timeout period, in milliseconds. Maximum value: 3000. 500
    remote_auth_timeout_action String Yes The action that is performed if authentication times out. Valid values:
    • pass: The request passes authentication.
    • reject: Alibaba Cloud CDN returns the specified HTTP status code for authentication failures to the user.
    pass
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "remote_auth_addr",
                "argValue": "https://example.aliyundoc.com/auth"
            }, {
                "argName": "remote_auth_method",
                "argValue": "get"
            }, {
                "argName": "remote_auth_type",
                "argValue": "all"
            }, {
                "argName": "remote_auth_reserve_args",
                "argValue": "all"
            }, {
                "argName": "remote_auth_custom_args",
                "argValue": ""
            }, {
                "argName": "remote_auth_reserve_header",
                "argValue": "all"
            }, {
                "argName": "remote_auth_custom_header",
                "argValue": ""
            }, {
                "argName": "remote_auth_success_code",
                "argValue": "200"
            }, {
                "argName": "remote_auth_fail_code",
                "argValue": "403"
            }, {
                "argName": "remote_auth_fail_resp_code",
                "argValue": "403"
            }, {
                "argName": "remote_auth_timeout",
                "argValue": 500
            }, {
                "argName": "remote_auth_timeout_action",
                "argValue": "pass"
            }, {
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "cdn_remote_auth"
        }],
        "DomainNames": "example.com"
    }
ip_allow_list_set
  • Feature description: configures an IP whitelist. For more information, see Configure an IP blacklist or whitelist.
  • Feature ID (FunctionID/FuncId): 69.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ip_list String Yes The IP addresses that you want to add to the whitelist. You can specify one or more IP addresses and separate them with commas (,). 192.168.0.1/24
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ip_list",
                "argValue": "192.168.0.1/24"
            }],
            "functionName": "ip_allow_list_set"
        }],
        "DomainNames": "example.com"
    }
ip_black_list_set
  • Feature description: configures an IP blacklist. For more information, see Configure an IP blacklist or whitelist.
  • Feature ID (FunctionID/FuncId): 13.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    ip_list String Yes The IP addresses that you want to add to the blacklist. You can specify one or more IP addresses and separate them with commas (,). 192.168.0.1
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ip_list",
                "argValue": "192.168.0.1"
            }],
            "functionName": "ip_black_list_set"
        }],
        "DomainNames": "example.com"
    }
ali_ua
  • Feature description: configures a User-Agent whitelist or blacklist. For more information, see Configure a User-Agent blacklist or whitelist.
  • Feature ID (FunctionID/FuncId): 58.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ua String Yes The user agents that you want to add to the list. You can use asterisks (*) and specify multiple values. Separate values with vertical bars (|). Example: *curl**IE**chrome**firefox*. *curl*|*IE*|*chrome*|*firefox*
    type String Yes The type of list. Valid values:
    • black: a blacklist.
    • white: a whitelist.
    Note The blacklist and whitelist are mutually exclusive. You can enable only one of them.
    black
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ua",
                "argValue": "*curl*|*IE*|*chrome*|*firefox*"
            }, {
                "argName": "type",
                "argValue": "black"
            }],
            "functionName": "ali_ua"
        }],
        "DomainNames": "example.com"
    }

Performance improvements

tesla
  • Feature description: configures HTML optimization. For more information, see Enable HTML optimization.
  • Feature ID (FunctionID/FuncId): 16.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable HTML optimization. Valid values:
    • on: enables HTML optimization.
    • off: disables HTML optimization.
    on
    trim_js String No Specifies whether to optimize the JavaScript code of HTML pages. Default value: off. Valid values:
    • on: optimizes the JavaScript code of HTML pages.
    • off: does not optimize the JavaScript code of HTML pages.
    off
    trim_css String No Specifies whether to optimize the CSS code of HTML pages. Default value: off. Valid values:
    • on: optimizes the CSS code of HTML pages.
    • off: does not optimize the CSS code of HTML pages.
    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "trim_css",
                "argValue": "off"
            }, {
                "argName": "trim_js",
                "argValue": "off"
            }],
            "functionName": "tesla"
        }],
        "DomainNames": "example.com"
    }
gzip
  • Feature description: configures Gzip compression. For more information, see Configure intelligent compression.
  • Feature ID (FunctionID/FuncId): 35.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable Gzip compression.
    • on: enables Gzip compression.
    • off: disables Gzip compression.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "gzip"
        }],
        "DomainNames": "example.com"
    }
brotli
  • Feature description: configures Brotli compression. For more information, see Configure Brotli compression.
  • Feature ID (FunctionID/FuncId):97.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable Brotli compression.
    • on: enables Brotli compression.
    • off: disables Brotli compression.
    on
    brotli_level Integer No The compression level.
    • Default value: 1.
    • Valid values: 1 to 11. A greater value indicates a higher compression level.
    1
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "brotli_level",
                "argValue": "1"
            }],
            "functionName": "brotli"
        }],
        "DomainNames": "example.com"
    }
set_hashkey_args
  • Feature description: retains URL parameters. For more information, see Ignore parameters.
  • Feature ID (FunctionID/FuncId): 19.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    hashkey_args String No The parameters that you want to retain. Separate multiple parameters with commas (,). You can specify up to 10 parameters. key1,key2
    disable String Yes Specifies whether you want to ignore all parameters. Default value: off. Valid values:
    • on: ignores all parameters. Only the Add rule takes effect. The Delete, Retain, and Modify rules do not take effect.
    • off: does not ignore parameters. The Retain, Add, and Delete rules remain effective.
    Note The hashkey_args setting has a higher priority. Even if you have set this parameter to on, the parameters specified by hashkey_args are retained.
    on
    keep_oss_args String Yes Specifies whether you want to retain parameters during back-to-origin routing. Valid values:
    • on: retains all parameters during back-to-origin routing.
    • off: The parameters retained during back-to-origin routing are the same as those in hashkey.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "hashkey_args",
                "argValue": ""
            }, {
                "argName": "keep_oss_args",
                "argValue": "on"
            }, {
                "argName": "disable",
                "argValue": "on"
            }],
            "functionName": "set_hashkey_args"
        }],
        "DomainNames": "example.com"
    }
ali_remove_args
  • Feature description: deletes URL parameters. For more information, see Ignore parameters.
  • Feature ID (FunctionID/FuncId): 75.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ali_remove_args String Yes The parameters that you want to delete. Separate multiple parameters with spaces.
    Note The parameters that are retained are used as the URL parameters in hashkey.
    test
    keep_oss_args String Yes Specifies whether you want to retain parameters during back-to-origin routing. Valid values:
    • on: retains all parameters during back-to-origin routing.
    • off: The parameters retained during back-to-origin routing are the same as those in hashkey.
    off
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ali_remove_args",
                "argValue": "test"
            }, {
                "argName": "keep_oss_args",
                "argValue": "off"
            }],
            "functionName": "ali_remove_args"
        }],
        "DomainNames": "example.com"
    }
image_transform
  • Feature description: configures image editing. For more information, see Image editing overview.
  • Feature ID (FunctionID/FuncId): 239.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable image editing.
    • on: enables image editing.
    • off: disables image editing.
    on
    filetype String Yes The image formats that you want to convert. Separate formats with vertical bars (|). jpg|jpeg|png
    webp String No Specifies whether to enable automatic conversion to WebP.
    • on: enables automatic conversion to WebP.
    • off: disables automatic conversion to WebP.
    on
    orient String No Specifies whether to enable automatic rotation.
    • on: enables automatic rotation.
    • off: disables automatic rotation.
    Note This feature takes effect only for images that carry rotation properties.
    on
    slim Integer No Image compression. You can set the compression rate. Valid values: 0 to 100. Image compression reduces data transfer without changing the resolution, size, or format of images. 10
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "filetype",
                "argValue": "jpg|jpeg|png"
            }, {
                "argName": "webp",
                "argValue": "on"
            }, {
                "argName": "orient",
                "argValue": "on"
            }, {
                "argName": "slim",
                "argValue": ""
            }, {
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "image_transform"
        }],
        "DomainNames": "example.com"
    }

Video-related settings

range
  • Feature description: configures object chunking. For more information, see Object chunking.
  • Feature ID (FunctionID/FuncId): 31.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable range origin fetch. Valid values:
    • on: enables range origin fetch.
    • off: does not enable range origin fetch.
    • force: enables range origin fetch by force.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "range"
        }],
        "DomainNames": "example.com"
    }
video_seek
  • Feature description: configures video seeking. For more information, see Video seeking.
  • Feature ID (FunctionID/FuncId): 30.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable video seeking. Valid values:
    • on: enables video seeking.
    • off: disables video seeking.
    on
    flv_seek_by_time String No Specifies whether to enable video seeking by time for FLV files. Valid values:
    • on: enables video seeking by time for FLV files.
    • off: disables video seeking by time for FLV files.
    on
    mp4_seek_start String No Sets custom start parameters for MP4 files. mp4starttime
    mp4_seek_end String No Sets custom end parameters for MP4 files. mp4endtime
    flv_seek_start String No Sets custom start parameters for FLV files. flvstarttime
    flv_seek_end String No Sets custom end parameters for FLV files. flvendtime
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "video_seek"
        }],
        "DomainNames": "example.com"
    }
ali_video_split
  • Feature description: configures audio extraction. For more information, see Audio extraction.
  • Feature ID (FunctionID/FuncId): 204.
  • The following table describes the parameter.
    Parameter Type Required Description Example
    enabled String Yes Specifies whether to enable audio extraction.
    • on: enables audio extraction.
    • off: disables audio extraction.
    on
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "ali_video_split"
        }],
        "DomainNames": "example.com"
    }
ali_video_preview
  • Feature description: configures video preview. For more information, see Audio and video preview.
  • Feature ID (FunctionID/FuncId): 205.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable video preview.
    • on: enables video preview.
    • off: disables video preview.
    Note Supported file formats are TS, MP3, FLV, and MP4.
    on
    ali_video_preview_argument String Yes Set custom preview parameters. The preview time is measured in seconds. fds
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "ali_video_preview_argument",
                "argValue": "fds"
            }],
            "functionName": "ali_video_preview"
        }],
        "DomainNames": "example.com"
    }
hls_token_rewrite
  • Feature description: configures M3U8 encryption and rewrite. For more information, see M3U8 encryption and rewrite.
  • Feature ID (FunctionID/FuncId): 253.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    enable String Yes Specifies whether to enable M3U8 encryption and rewrite.
    • on: enables M3U8 encryption and rewrite.
    • off: disables M3U8 encryption and rewrite.
    on
    hls_token_arg_name String No Specifies a parameter name for the HLS token. If you do not specify a name, MtsHlsUriToken is used as the name. example
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "enable",
                "argValue": "on"
            }],
            "functionName": "hls_token_rewrite"
        }],
        "DomainNames": "example.com",
    }

Security settings

tmd_signature
  • Feature description: configures rate limiting. For more information, see Configure rate limiting.
  • Feature ID (FunctionID/FuncId): 96.
  • To use this feature, you must be included in the whitelist. You can join the DingTalk group 33137775 and request technical support.
ddos_domain
  • Feature description: configures DDoS mitigation. For more information, see Configure Anti-DDoS.
  • Feature ID (FunctionID/FuncId): 209.
  • To use this feature, you must be included in the whitelist. You can join the DingTalk group 32615821 and request technical support.
ali_location
  • Feature description: configures a region blacklist. For more information, see Configure a region blacklist or whitelist.
  • Feature ID (FunctionID/FuncId): 57.
  • To use this feature, you must be included in the whitelist. You can join the DingTalk group 31327650 and request technical support.
allowed_crawlers
  • Feature description: configures a crawler whitelist. For more information, see Configure WAF.
  • Feature ID (FunctionID/FuncId): 270.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.
threat_intelligence
  • Feature description: configures threat intelligence. For more information, see Configure WAF.
  • Feature ID (FunctionID/FuncId): 271.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.
intelligent_algorithm
  • Feature description: configures AI protection. For more information, see Configure WAF.
  • Feature ID (FunctionID/FuncId): 272.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.

Traffic throttling

limit_rate
  • Feature description: configures throttling for individual requests.
  • Feature ID (FunctionID/FuncId): 72.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    ali_limit_rate Integer Yes The value to which the bandwidth is throttled after throttling is triggered. Unit: byte/s. Examples: 200 KB/s and 1 MB/s. 10m
    ali_limit_rate_after Integer No The threshold value that triggers throttling. Unit: byte/s. 1000
    traffic_limit_arg String No The name of the throttling parameter. Throttling is performed based on the value of the specified parameter in URLs, for example, rate. rate
    traffic_limit_unit String No The unit of the data transfer rate. Valid values: m (MB/s), k (KB/s), and g (GB/s). If rate is set to 1, data transfer rate is throttled to 1 MB/s, 1 KB/s, or 1 GB/s. m
    ali_limit_start_hour Integer No The time when throttling starts. Valid values: 0 to 24. Default value: 0. The start time must be earlier than the end time.
    Note Specifies a time in the 24-hour notation. It must be on the hour. For example, 00:00:00 represents 0 o'clock, and 24:00:00 represents 24 o'clock.
    20
    ali_limit_end_hour Integer No The time when throttling ends. Valid values: 0 to 24. Default value: 24. The end time must be later than the start time. 23
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "ali_limit_rate",
                "argValue": "10m"
            }],
            "functionName": "limit_rate"
        }],
        "DomainNames": "example.com"
    }

EdgeScript settings

edge_function
  • Feature description: configures EdgeScript. For more information, see EdgeScript overview.
  • Feature ID (FunctionID/FuncId): 180.
  • The following table describes the parameters.
    Parameter Type Required Description Example
    rule String Yes The domain-specific language (DSL) script. if eq($uri, '/') {\n rewrite('https://example.com/index.html', 'redirect')\n}
    pri Integer Yes The priority. Valid values: 0 to 999. A smaller value indicates a higher priority.
    Note The priorities of the head and foot execution positions are irrelevant to each other.
    0
    enable String Yes Specifies whether you want to enable the script. Valid values:
    • on: enables the script.
    • off: disables the script.
    on
    name String Yes The name of the script. The name can contain only letters and underscores (_). test
    pos String No The position where you want to execute the script. Default value: head. Valid values:
    • head: The script is executed at the head of the request processing pipeline.
    • foot: The script is executed at the foot of the request processing pipeline.
    head
    brk String No Specifies whether you want to skip other scripts after the current script is executed. Default value: off. Valid values:
    • on: After the current script is matched, the scripts after the specified position are skipped.
    • off: If the current script is matched, the system continues to match the request against other scripts.
    off
    option String No The extension. No value is specified.
    grammar String No The script syntax. Valid values: es2 and js. Default value: es2. /
    jsmode String No The JavaScript execution mode. Default value: bypass. Valid values:
    • redirect: block mode
    • bypass: bypass mode
    /
  • Example:
    {
        "Functions": [{
            "functionArgs": [{
                "argName": "name",
                "argValue": "test"
            }, {
                "argName": "rule",
                "argValue": "if eq($uri, '/') {\n    rewrite('https://example.com/index.html', 'redirect')\n}"
            }, {
                "argName": "pri",
                "argValue": "0"
            }, {
                "argName": "pos",
                "argValue": "head"
            }, {
                "argName": "enable",
                "argValue": "on"
            }, {
                "argName": "brk",
                "argValue": "off"
            }, {
                "argName": "option",
                "argValue": ""
            }],
            "functionName": "edge_function"
        }],
        "DomainName": "example.com"
    }

EdgeRoutine settings

edgeroutine
  • Feature description: configures EdgeRoutine. For more information, see ER overview.
  • Feature ID (FunctionID/FuncId): 275.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.

Rules engine settings

condition
  • Feature description: configures the rules engine.
  • Feature ID (FunctionID/FuncId): 250.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.

QUIC

quic
  • Feature description: configures QUIC. For more information, see Configure the QUIC protocol.
  • Feature ID (FunctionID/FuncId): 281.
  • To use this feature, you must be included in the whitelist. You can submit a ticket to apply for service activation.