Rules engine - Alibaba Cloud CDN - Alibaba Cloud Documentation Center

Overview

The rules engine provides a graphical user interface that simplifies how you configure rules. You can configure rules to identify user requests based on the parameters they carry to determine whether a configuration applies to the requests. This provides a more flexible and accurate method to manage configurations and policies that you set in Alibaba Cloud CDN.

Background information

The Alibaba Cloud CDN console provides basic features such as cache expiration rules and parameter rewrite, which cater to most scenarios. However, these features are insufficient for more personalized scenarios, such as redirecting requests that contain the path /example to a specified origin server address. In this case, you can use the basic features with the rules engine to implement flexible custom configurations. For even more flexible custom configurations, you can use EdgeScript. For more information, see EdgeScript overview.


Capabilities	Basic features	Basic features + rules engine	EdgeScript (programmable configurations)
Configurations	General configurations	Flexible configurations	Highly flexible configurations
Scenarios	Common requirements	Some advanced custom requirements	Fully customized requirements
Ease of use (technical knowledge required)	Low	Medium	High
Configuration flexibility	Low	Medium	High

Usage notes

You can create a maximum of 50 rules for each domain name.
You can create a maximum of 20 sub-rules for each rule.
If you create a rule by using the console or calling an API operation, you cannot use regular expression-related operators, including regular expression match and mismatch. However, you can still view existing rules that include the operators.
If you create a rule by using the console or calling an API operation, the rule can be referenced a maximum of five times across all features for a domain name.
Rules support up to three levels of nesting. You can configure complete logical statements within each level.

Syntax of rules

A rule consists of logical operators and conditional expressions.

Logic

Logical operators are used to evaluate the conditions of an expression and determine whether to match a rule. The following operators are supported:

and: the logical conjunction operator. The rule is matched only if all conditions are true.
or: the logical disjunction operator. The rule is matched if one of the conditions is true.

Parameters in conditional expressions

A conditional expression with the finest granularity contains the parameters in the following table:


Parameter	Description	Required
MatchType	The type of information to match. The expression attempts to match the specified type of information carried in a user request.	Yes
MatchObject	A subdivision of the match type. For example, the client IP addresses can be subdivided into IP addresses that are used to connect to POPs and X-Forwarded-For (XFF) IP addresses.	No
MatchOperator	The operator of the match.	Yes
MatchValue	The preset value to be matched against the information carried in the user request.	Yes
caseSensitive	Indicates whether the characters in the matched value are case-sensitive.	No

Configuration of conditional expressions


Match type	Match type description	Match object	Match operator	Match value	Case sensitivity
Protocol	The protocol over which the request is sent, such as HTTP or HTTPS.	N/A	Equal to Not equal to	http https	N/A
Request method	The request method, such as GET or PUT.	N/A	Equal to Not equal to	get put post delete head	N/A
URI	The path in the URL of request, excluding request parameters. Example: `/favicon.ico`.	N/A	Include any Exclude any	The `?` and `` wildcards are supported. For example, `//my_path/*` is a valid expression. You can specify multiple wildcards in each expression.	Case-sensitive Case-insensitive
File name	The name of the file requested by the client. Example: name1.	N/A	Include any Exclude any	The `?` and `*` wildcards are supported. You can specify multiple values.	Case-sensitive Case-insensitive
File name extension	The suffix of the file requested by the client, which starts from the last period (.), such as, `.mp4`.	N/A	Include any Exclude any	The `?` and `*` wildcards are supported. You can specify multiple values.	Case-sensitive Case-insensitive
Hostname	The hostname carried in the request. The matching priority: host in the request URL > host in the HOST header of the request.	N/A	Include any Exclude any	The host of the request. You can specify multiple values.	Case-sensitive Case-insensitive
Client IP address	The IP address of the client. IPv4 addresses such as `1.1.X.X`, IPv6 addresses such as `240e:95c:3004:2:3:0:0:XXX`, and CIDR blocks such as `20.209.XXX.XXX/31` are supported.	IP addresses that are used to connect to POPs XFF IP addresses	Include any Exclude any	IPv6 addresses such as 240e:95c:3004:2:3:0:0:3f7 and CIDR blocks such as 120.209.137.226/31 are supported. You can specify multiple values.	N/A
Client IP version	IPv4 or IPv6.	IP addresses that are used to connect to POPs XFF IP	Equal to Not equal to	v4 v6	N/A
Internet service provider (ISP)	The ISP to which the IP address of the client belongs.	IP addresses that are used to connect to POPs XFF IP	Include any Exclude any	You can select a value from the drop-down list or enter characters to filter options. Fuzzy match based on ID or name is supported. You can specify multiple values.	N/A
IP location	The geographic location of the client IP address.	IP addresses that are used to connect to POPs XFF IP	Include any Exclude any	You can select a value from the drop-down list or enter characters to filter options. Fuzzy match based on ID or name is supported. You can specify multiple values.	N/A
Request parameter	Parameters carried in the request URL.	Enter a parameter name.	Existent Non-existent Include any Exclude any Greater than Greater than or equal to Smaller than Smaller than or equal to	The `?` and `*` wildcards are supported. You can specify multiple values.	Case-sensitive Case-insensitive
Request header	Headers carried in requests.	You can enter a parameter name or select a parameter from the drop-down list.	Existent Non-existent Include any Exclude any Greater than Greater than or equal to Smaller than Smaller than or equal to	You can specify multiple values.	Case-sensitive Case-insensitive
Cookie	The cookie carried in the request.	Enter a cookie name.	Existent Non-existent Include any Exclude any Greater than Greater than or equal to Smaller than Smaller than or equal to	The `?` and `*` wildcards are supported. You can specify multiple values.	Case-sensitive Case-insensitive
User-Agent	The User-Agent field in the request header.	N/A	Include any Exclude any	You can select a value from the drop-down list or enter a User-Agent value, such as `Chrome/25`. The `?` and `*` wildcards are supported. You can specify multiple wildcards in each expression.	Case-sensitive Case-insensitive
Range bucket	Requests are grouped and executed based on the percentage.	N/A	Equal to Not equal to	Enter a percentage.	N/A
Time range	The time range during which the request was initiated, in UTC+8. Example: 09:10 to 14:22.	N/A	Include any Exclude any	Enter a time range, such as 09:10 to 14:22.	N/A
Nginx Var	If all the preceding variables in the table cannot meet your requirements, you can use NGINX variables. For more information, see Alphabetical index of variables.	You can select a variable from the drop-down list or enter a variable name in the `$region:$isp` format.	Existent Non-existent Include any Exclude any Greater than Greater than or equal to Smaller than Smaller than or equal to	You can specify multiple values.	N/A

Match operators


Operator	Description
Equal to and not equal to	The condition is true only when all variables are equal to or not equal to the matching value.
Existent and non-existent	The condition is true regardless of whether the variable exists.
Include any and exclude any	The condition is true when variables contain or do not contain any of the matching values. You can specify up to 32 matching values. The following match modes are supported: Exact match: Enter a match object. For example, when the matching value is "a", the condition is true only if the match object is "a". Wildcard match: You can add an asterisk (``) as a wildcard. For example, `a`, `a`, and `a*` can correspond to abc, bca, and bcabc respectively.
Greater than, smaller than, greater than or equal to, smaller than or equal to	`>`, `<`, `>=`, and `<=`
Regular expression match, regular expression mismatch	You can enter a regular expression as the matching value. Note If you create a rule by using the console or calling an API operation, you cannot use regular expression-related operators, including regular expression match and mismatch. However, you can still view existing rules that include the operators.

Wildcards


Wildcard	Description
`?`	Any character can be matched.
`*`	Any characters can be matched.

Procedure

Log on to the Alibaba Cloud CDN console.
In the left-side navigation pane, click Domain Names.
On the Domain Names page, find the domain name that you want to manage and click Manage in the Actions column.
In the left-side navigation pane, click Rules Engine.
Click Add Rule.
On the Add Rule page, configure Rule Name and Rule Content.
Click Submit.

Features that can reference rules


Feature	Description
Conditional origin	You can filter requests based on specified conditions, such as request header, query string parameter, path, and client ip. Then, the requests that meet the conditions are redirected to the specified origin server address.