Change rule

Authorizations

Authorization

string

header

required

API key for authentication. Make sure to include the word apikey, followed by a single space and then your token. Example: apikey 1234$abcdef

Path Parameters

resource_id

integer

required

CDN resource ID.

rule_id

integer

required

Rule ID.

Body

application/json

rule

string

required

Path to the file or folder for which the rule will be applied.

The rule is applied if the requested URI matches the rule path.

We add a leading forward slash to any rule path. Specify a path without a forward slash.

Maximum string length: 300

Example:

"/folder/images/*.png"

ruleType

integer

required

Rule type.

Possible values:

Type 0 - Regular expression. Must start with '^/' or '/'.
Type 1 - Regular expression. Note that for this rule type we automatically add / to each rule pattern before your regular expression. This type is legacy, please use Type 0.

Required range: 0 <= x <= 1

Example:

0

active

boolean

Enables or disables a rule.

Possible values:

true - Rule is active, rule settings are applied.
false - Rule is inactive, rule settings are not applied.

Example:

true

name

string

Rule name.

Maximum string length: 255

Example:

"My first rule"

weight

integer

Rule execution order: from lowest (1) to highest.

If requested URI matches multiple rules, the one higher in the order of the rules will be applied.

Required range: 1 <= x <= 2147483647

Example:

1

overrideOriginProtocol

enum<string> | null

Sets a protocol other than the one specified in the CDN resource settings to connect to the origin.

Possible values:

HTTPS - CDN servers connect to origin via HTTPS protocol.
HTTP - CDN servers connect to origin via HTTP protocol.
MATCH - Connection protocol is chosen automatically; in this case, content on origin source should be available for the CDN both through HTTP and HTTPS protocols.
null - originProtocol setting is inherited from the CDN resource settings.

Available options:

HTTPS,

HTTP,

MATCH

originGroup

integer | null

ID of the origin group to which the rule is applied.

If the origin group is not specified, the rule is applied to the origin group that the CDN resource is associated with.

Example:

null

options

object

List of options that can be configured for the rule.

In case of null value the option is not added to the rule. Option inherits its value from the CDN resource settings.

Show child attributes

options.allowedHttpMethods

object

HTTP methods allowed for content requests from the CDN.

Show child attributes

options.allowedHttpMethods.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.allowedHttpMethods.value

enum<string>[]

required

Available options:

GET,

HEAD,

POST,

PUT,

PATCH,

DELETE,

OPTIONS

Example:

{ "enabled": true, "value": ["GET", "POST"] }

options.bot_protection

object

Allows to prevent online services from overloading and ensure your business workflow running smoothly.

Show child attributes

options.bot_protection.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.bot_protection.bot_challenge

object

required

Controls the bot challenge module state.

Show child attributes

options.bot_protection.bot_challenge.enabled

boolean

default:false

Possible values:

true - Bot challenge is enabled.
false - Bot challenge is disabled.

Example:

{
  "enabled": true,
  "bot_challenge": { "enabled": true }
}

options.brotli_compression

object

Compresses content with Brotli on the CDN side. CDN servers will request only uncompressed content from the origin.

Notes:

CDN only supports "Brotli compression" when the "origin shielding" feature is activated.
If a precache server is not active for a CDN resource, no compression occurs, even if the option is enabled.
brotli_compression is not supported with fetch_compressed or slice options enabled.
fetch_compressed option in CDN resource settings overrides brotli_compression in rules. If you enabled fetch_compressed in CDN resource and want to enable brotli_compression in a rule, you must specify fetch_compressed:false in the rule.

Show child attributes

options.brotli_compression.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.brotli_compression.value

enum<string>[]

required

Allows to select the content types you want to compress.

text/html is a mandatory content type.

Available options:

application/javascript,

application/json,

application/vnd.ms-fontobject,

application/wasm,

application/x-font-ttf,

application/x-javascript,

application/xml,

application/xml+rss,

image/svg+xml,

image/x-icon,

text/css,

text/html,

text/javascript,

text/plain,

text/xml

Example:

{
  "enabled": true,
  "value": ["text/html", "text/plain"]
}

options.browser_cache_settings

object

Cache expiration time for users browsers in seconds.

Cache expiration time is applied to the following response codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Responses with other codes will not be cached.

Show child attributes

options.browser_cache_settings.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.browser_cache_settings.value

string<nginx time>

required

Set the cache expiration time to '0s' to disable caching.

The maximum duration is any equivalent to 1y.

Example:

{ "enabled": true, "value": "3600s" }

options.cache_http_headers

object

deprecated

Legacy option. Use the response_headers_hiding_policy option instead.

HTTP Headers that must be included in the response.

Show child attributes

options.cache_http_headers.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.cache_http_headers.value

string[]

required

Maximum string length: 1024

Example:

{
  "enabled": false,
  "value": [
    "vary",
    "content-length",
    "last-modified",
    "connection",
    "accept-ranges",
    "content-type",
    "content-encoding",
    "etag",
    "cache-control",
    "expires",
    "keep-alive",
    "server"
  ]
}

options.cors

object

Enables or disables CORS (Cross-Origin Resource Sharing) header support.

CORS header support allows the CDN to add the Access-Control-Allow-Origin header to a response to a browser.

Show child attributes

options.cors.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.cors.value

string[]

required

Value of the Access-Control-Allow-Origin header.

Possible values:

Adds * as the Access-Control-Allow-Origin header value - Content will be uploaded for requests from any domain. "value": ["*"]
Adds "$http_origin" as the Access-Control-Allow-Origin header value if the origin matches one of the listed domains - Content will be uploaded only for requests from the domains specified in the field. "value": ["domain.com", "second.dom.com"]
Adds "$http_origin" as the Access-Control-Allow-Origin header value - Content will be uploaded for requests from any domain, and the domain from which the request was sent will be added to the "Access-Control-Allow-Origin" header in the response. "value": ["$http_origin"]

options.cors.always

boolean

default:false

Defines whether the Access-Control-Allow-Origin header should be added to a response from CDN regardless of response code.

Possible values:

true - Header will be added to a response regardless of response code.
false - Header will only be added to responses with codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Example:

{
  "enabled": true,
  "value": ["domain.com", "domain2.com"],
  "always": true
}

options.country_acl

object

Enables control access to content for specified countries.

Show child attributes

options.country_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.country_acl.policy_type

enum<string>

required

Defines the type of CDN resource access policy.

Possible values:

allow - Access is allowed for all the countries except for those specified in excepted_values field.
deny - Access is denied for all the countries except for those specified in excepted_values field.

Available options:

allow,

deny

options.country_acl.excepted_values

string<country-code>[]

required

List of countries according to ISO-3166-1.

The meaning of the parameter depends on policy_type value:

allow - List of countries for which access is prohibited.
deny - List of countries for which access is allowed.

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "allow",
  "excepted_values": ["GB", "DE"]
}

options.disable_cache

object

deprecated

Legacy option. Use the edge_cache_settings option instead.

Allows the complete disabling of content caching.

Show child attributes

options.disable_cache.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.disable_cache.value

boolean

required

Possible values:

true - content caching is disabled.
false - content caching is enabled.

Example:

{ "enabled": true, "value": false }

options.disable_proxy_force_ranges

object

Allows 206 responses regardless of the settings of an origin source.

Show child attributes

options.disable_proxy_force_ranges.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.disable_proxy_force_ranges.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.edge_cache_settings

object

Cache expiration time for CDN servers.

value and default fields cannot be used simultaneously.

Show child attributes

options.edge_cache_settings.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.edge_cache_settings.value

string<nginx time>

Caching time.

The value is applied to the following response codes: 200, 206, 301, 302. Responses with codes 4xx, 5xx will not be cached.

Use 0s to disable caching.

The maximum duration is any equivalent to 1y.

options.edge_cache_settings.custom_values

object

A MAP object representing the caching time in seconds for a response with a specific response code.

These settings have a higher priority than the value field.

Use any key to specify caching time for all response codes.
Use 0s value to disable caching for a specific response code.

Show child attributes

options.edge_cache_settings.custom_values.{key}

string<nginx time>

options.edge_cache_settings.default

string<nginx time>

Enables content caching according to the origin cache settings.

The value is applied to the following response codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308, if an origin server does not have caching HTTP headers.

Responses with other codes will not be cached.

The maximum duration is any equivalent to 1y.

Example:

{
  "enabled": true,
  "value": "43200s",
  "custom_values": { "100": "43200s" }
}

options.fastedge

object

Allows to configure FastEdge app to be called on different request/response phases.

Note: At least one of on_request_headers, on_request_body, on_response_headers, or on_response_body must be specified.

Show child attributes

options.fastedge.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.fastedge.on_request_headers

object

Allows to configure FastEdge application that will be called to handle request headers as soon as CDN receives incoming HTTP request.

Show child attributes

options.fastedge.on_request_headers.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_request_headers.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_request_headers.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_request_headers.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_request_headers.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_request_body

object

Allows to configure FastEdge application that will be called to handle request body as soon as CDN receives incoming HTTP request.

Show child attributes

options.fastedge.on_request_body.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_request_body.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_request_body.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_request_body.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_request_body.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_response_headers

object

Allows to configure FastEdge application that will be called to handle response headers before CDN sends the HTTP response.

Show child attributes

options.fastedge.on_response_headers.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_response_headers.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_response_headers.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_response_headers.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_response_headers.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_response_body

object

Allows to configure FastEdge application that will be called to handle response body before CDN sends the HTTP response.

Show child attributes

options.fastedge.on_response_body.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_response_body.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_response_body.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_response_body.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_response_body.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

Example:

{
  "enabled": true,
  "on_request_headers": {
    "enabled": true,
    "app_id": "1001",
    "interrupt_on_error": true
  }
}

options.fetch_compressed

object

Makes the CDN request compressed content from the origin.

The origin server should support compression. CDN servers will not decompress your content even if a user browser does not accept compression.

Notes:

fetch_compressed is not supported with gzipON or brotli_compression or slice options enabled.
fetch_compressed overrides gzipON and brotli_compression in rule. If you enable it in CDN resource and want to use gzipON and brotli_compression in a rule, you have to specify "fetch_compressed": false in the rule.

Show child attributes

options.fetch_compressed.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.fetch_compressed.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.follow_origin_redirect

object

Enables redirection from origin. If the origin server returns a redirect, the option allows the CDN to pull the requested content from the origin server that was returned in the redirect.

Show child attributes

options.follow_origin_redirect.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.follow_origin_redirect.codes

enum<integer>[]

required

Redirect status code that the origin server returns.

To serve up to date content to end users, you will need to purge the cache after managing the option.

Minimum array length: 1

Available options:

301,

302,

303,

307,

308

Example:

{ "enabled": true, "codes": [302, 308] }

options.force_return

object

Applies custom HTTP response codes for CDN content.

The following codes are reserved by our system and cannot be specified in this option: 408, 444, 477, 494, 495, 496, 497, 499.

Show child attributes

options.force_return.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.force_return.code

integer

required

Status code value.

Required range: 100 <= x <= 599

options.force_return.body

string

required

URL for redirection or text.

Maximum string length: 255

options.force_return.time_interval

object

Controls the time at which a custom HTTP response code should be applied. By default, a custom HTTP response code is applied at any time.

Show child attributes

options.force_return.time_interval.start_time

string

required

Time from which a custom HTTP response code should be applied. Indicated in 24-hour format.

Example:

"06:00"

options.force_return.time_interval.end_time

string

required

Time until which a custom HTTP response code should be applied. Indicated in 24-hour format.

Example:

"18:00"

options.force_return.time_interval.time_zone

string<timezone>

default:UTC

Time zone used to calculate time.

Example:

"Europe/Luxembourg"

Example:

{
  "enabled": true,
  "code": 301,
  "body": "http://example.com/redirect_address",
  "time_interval": {
    "start_time": "09:00",
    "end_time": "20:00",
    "time_zone": "CET"
  }
}

options.forward_host_header

object

Forwards the Host header from a end-user request to an origin server.

hostHeader and forward_host_header options cannot be enabled simultaneously.

Show child attributes

options.forward_host_header.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.forward_host_header.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": false, "value": false }

options.gzipOn

object

Compresses content with gzip on the CDN end. CDN servers will request only uncompressed content from the origin.

Notes:

Compression with gzip is not supported with fetch_compressed or slice options enabled.
fetch_compressed option in CDN resource settings overrides gzipON in rules. If you enable fetch_compressed in CDN resource and want to enable gzipON in rules, you need to specify "fetch_compressed":false for rules.

Show child attributes

options.gzipOn.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.gzipOn.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.hostHeader

object

Sets the Host header that CDN servers use when request content from an origin server. Your server must be able to process requests with the chosen header.

If the option is null, the Host Header value is equal to first CNAME.

hostHeader and forward_host_header options cannot be enabled simultaneously.

Show child attributes

options.hostHeader.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.hostHeader.value

string

required

Host Header value.

Maximum string length: 2048

Example:

{ "enabled": true, "value": "host.com" }

Defines whether the files with the Set-Cookies header are cached as one file or as different ones.

Show child attributes

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

Possible values:

true - Option is enabled, files with cookies are cached as one file.
false - Option is disabled, files with cookies are cached as different files.

Example:

{ "enabled": true, "value": true }

options.ignoreQueryString

object

How a file with different query strings is cached: either as one object (option is enabled) or as different objects (option is disabled.)

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.ignoreQueryString.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.ignoreQueryString.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.image_stack

object

Transforms JPG and PNG images (for example, resize or crop) and automatically converts them to WebP or AVIF format.

Show child attributes

options.image_stack.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.image_stack.avif_enabled

boolean

default:false

Enables or disables automatic conversion of JPEG and PNG images to AVI format.

options.image_stack.webp_enabled

boolean

default:false

Enables or disables automatic conversion of JPEG and PNG images to WebP format.

options.image_stack.quality

integer

default:95

Defines quality settings for JPG and PNG images. The higher the value, the better the image quality, and the larger the file size after conversion.

Required range: 1 <= x <= 100

options.image_stack.png_lossless

boolean

default:false

Enables or disables compression without quality loss for PNG format.

Example:

{
  "enabled": true,
  "avif_enabled": true,
  "webp_enabled": false,
  "quality": 80,
  "png_lossless": true
}

options.ip_address_acl

object

Controls access to the CDN resource content for specific IP addresses.

If you want to use IPs from our CDN servers IP list for IP ACL configuration, you have to independently monitor their relevance. We recommend you use a script for automatically update IP ACL. Read more.

Show child attributes

options.ip_address_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.ip_address_acl.policy_type

enum<string>

required

IP access policy type.

Possible values:

allow - Allow access to all IPs except IPs specified in "excepted_values" field.
deny - Deny access to all IPs except IPs specified in "excepted_values" field.

Available options:

allow,

deny

options.ip_address_acl.excepted_values

string<ipv4net or ipv6net>[]

required

List of IP addresses with a subnet mask.

The meaning of the parameter depends on policy_type value:

allow - List of IP addresses for which access is prohibited.
deny - List of IP addresses for which access is allowed.

Examples:

192.168.3.2/32
2a03:d000:2980:7::8/128

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "deny",
  "excepted_values": ["192.168.1.100/32"]
}

options.limit_bandwidth

object

Allows to control the download speed per connection.

Show child attributes

options.limit_bandwidth.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.limit_bandwidth.limit_type

enum<string>

required

Method of controlling the download speed per connection.

Possible values:

static - Use speed and buffer fields to set the download speed limit.
dynamic - Use query strings speed and buffer to set the download speed limit.

For example, when requesting content at the link

http://cdn.example.com/video.mp4?speed=50k&buffer=500k

the download speed will be limited to 50kB/s after 500 kB.

Available options:

static,

dynamic

options.limit_bandwidth.speed

integer

Maximum download speed per connection.

Required range: 1 <= x <= 1000000000

options.limit_bandwidth.buffer

integer

Amount of downloaded data after which the user will be rate limited.

Required range: 0 <= x <= 1000000000

Example:

{
  "enabled": true,
  "limit_type": "static",
  "speed": 100,
  "buffer": 200
}

options.proxy_cache_key

object

Allows you to modify your cache key. If omitted, the default value is $request_uri.

Combine the specified variables to create a key for caching.

$request_uri
$scheme
$uri

Warning: Enabling and changing this option can invalidate your current cache and affect the cache hit ratio. Furthermore, the "Purge by pattern" option will not work.

Show child attributes

options.proxy_cache_key.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_cache_key.value

string

required

Key for caching.

Maximum string length: 255

Example:

{ "enabled": true, "value": "$scheme$uri" }

options.proxy_cache_methods_set

object

Caching for POST requests along with default GET and HEAD.

Show child attributes

options.proxy_cache_methods_set.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_cache_methods_set.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.proxy_connect_timeout

object

The time limit for establishing a connection with the origin.

Show child attributes

options.proxy_connect_timeout.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_connect_timeout.value

string

required

Timeout value in seconds.

Supported range: 1s - 5s.

Example:

{ "enabled": true, "value": "4s" }

options.proxy_read_timeout

object

The time limit for receiving a partial response from the origin. If no response is received within this time, the connection will be closed.

Note: When used with a WebSocket connection, this option supports values only in the range 1–20 seconds (instead of the usual 1–30 seconds).

Show child attributes

options.proxy_read_timeout.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_read_timeout.value

string

required

Timeout value in seconds.

Supported range: 1s - 30s.

Example:

{ "enabled": true, "value": "10s" }

options.query_params_blacklist

object

Files with the specified query parameters are cached as one object, files with other parameters are cached as different objects.

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.query_params_blacklist.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_params_blacklist.value

string[]

required

List of query parameters.

Example:

{
  "enabled": true,
  "value": ["some", "blacklisted", "query"]
}

options.query_params_whitelist

object

Files with the specified query parameters are cached as different objects, files with other parameters are cached as one object.

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.query_params_whitelist.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_params_whitelist.value

string[]

required

List of query parameters.

Example:

{
  "enabled": true,
  "value": ["some", "whitelisted", "query"]
}

options.query_string_forwarding

object

The Query String Forwarding feature allows for the seamless transfer of parameters embedded in playlist files to the corresponding media chunk files. This functionality ensures that specific attributes, such as authentication tokens or tracking information, are consistently passed along from the playlist manifest to the individual media segments. This is particularly useful for maintaining continuity in security, analytics, and any other parameter-based operations across the entire media delivery workflow.

Show child attributes

options.query_string_forwarding.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_string_forwarding.forward_from_file_types

string[]

required

The forward_from_files_types field specifies the types of playlist files from which parameters will be extracted and forwarded. This typically includes formats that list multiple media chunk references, such as HLS and DASH playlists. Parameters associated with these playlist files (like query strings or headers) will be propagated to the chunks they reference.

options.query_string_forwarding.forward_to_file_types

string[]

required

The field specifies the types of media chunk files to which parameters, extracted from playlist files, will be forwarded. These refer to the actual segments of media content that are delivered to viewers. Ensuring the correct parameters are forwarded to these files is crucial for maintaining the integrity of the streaming session.

options.query_string_forwarding.forward_only_keys

string[]

The forward_only_keys field allows for granular control over which specific parameters are forwarded from playlist files to media chunk files. By specifying certain keys, only those parameters will be propagated, ensuring that only relevant information is passed along. This is particularly useful for security and performance optimization, as it prevents unnecessary or sensitive data from being included in requests for media chunks.

options.query_string_forwarding.forward_except_keys

string[]

The forward_except_keys field provides a mechanism to exclude specific parameters from being forwarded from playlist files to media chunk files. By listing certain keys in this field, you can ensure that these parameters are omitted during the forwarding process. This is particularly useful for preventing sensitive or irrelevant information from being included in requests for media chunks, thereby enhancing security and optimizing performance.

Example:

{
  "enabled": true,
  "forward_from_file_types": ["m3u8", "mpd"],
  "forward_to_file_types": ["ts", "mp4"],
  "forward_only_keys": ["auth_token", "session_id"],
  "forward_except_keys": ["debug_info"]
}

options.redirect_http_to_https

object

Enables redirect from HTTP to HTTPS.

redirect_http_to_https and redirect_https_to_http options cannot be enabled simultaneously.

Show child attributes

options.redirect_http_to_https.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.redirect_http_to_https.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.redirect_https_to_http

object

Enables redirect from HTTPS to HTTP.

redirect_http_to_https and redirect_https_to_http options cannot be enabled simultaneously.

Show child attributes

options.redirect_https_to_http.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.redirect_https_to_http.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": false, "value": true }

options.referrer_acl

object

Controls access to the CDN resource content for specified domain names.

Show child attributes

options.referrer_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.referrer_acl.policy_type

enum<string>

required

Policy type.

Possible values:

allow - Allow access to all domain names except the domain names specified in excepted_values field.
deny - Deny access to all domain names except the domain names specified in excepted_values field.

Available options:

allow,

deny

options.referrer_acl.excepted_values

string<domain or wildcard>[]

required

List of domain names or wildcard domains (without protocol: http:// or https://.)

The meaning of the parameter depends on policy_type value:

allow - List of domain names for which access is prohibited.
deny - List of IP domain names for which access is allowed.

Examples:

example.com
*.example.com

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "deny",
  "excepted_values": ["example.com", "*.example.net"]
}

options.request_limiter

object

Option allows to limit the amount of HTTP requests.

Show child attributes

options.request_limiter.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.request_limiter.rate

integer

required

Maximum request rate.

Required range: x >= 1

options.request_limiter.rate_unit

enum<string>

default:r/s

Units of measurement for the rate field.

Possible values:

r/s - Requests per second.
r/m - Requests per minute.

If the rate is less than one request per second, it is specified in request per minute (r/m.)

Available options:

r/s,

r/m

Example:

{
  "enabled": true,
  "rate_unit": "r/s",
  "rate": 5,
  "burst": 5,
  "delay": 0
}

options.response_headers_hiding_policy

object

Hides HTTP headers from an origin server in the CDN response.

Show child attributes

options.response_headers_hiding_policy.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.response_headers_hiding_policy.mode

enum<string>

required

How HTTP headers are hidden from the response.

Possible values:

show - Hide only HTTP headers listed in the excepted field.
hide - Hide all HTTP headers except headers listed in the "excepted" field.

Available options:

hide,

show

options.response_headers_hiding_policy.excepted

string<http_header>[]

required

List of HTTP headers.

Parameter meaning depends on the value of the mode field:

show - List of HTTP headers to hide from response.
hide - List of HTTP headers to include in response. Other HTTP headers will be hidden.

The following headers are required and cannot be hidden from response:

Connection
Content-Length
Content-Type
Date
Server

Maximum array length: 256

Maximum string length: 128

Example:

{
  "enabled": true,
  "mode": "hide",
  "excepted": ["my-header"]
}

options.rewrite

object

Changes and redirects requests from the CDN to the origin. It operates according to the Nginx configuration.

Show child attributes

options.rewrite.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.rewrite.body

string

required

Path for the Rewrite option.

Example:

/(.*) /media/$1

Maximum string length: 255

options.rewrite.flag

enum<string>

default:break

Flag for the Rewrite option.

Possible values:

last - Stop processing the current set of ngx_http_rewrite_module directives and start a search for a new location matching changed URI.
break - Stop processing the current set of the Rewrite option.
redirect - Return a temporary redirect with the 302 code; used when a replacement string does not start with http://, https://, or $scheme.
permanent - Return a permanent redirect with the 301 code.

Available options:

break,

last,

redirect,

permanent

Example:

{
  "enabled": true,
  "body": "/(.*) /additional_path/$1",
  "flag": "break"
}

options.secure_key

object

Configures access with tokenized URLs. This makes impossible to access content without a valid (unexpired) token.

Show child attributes

options.secure_key.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.secure_key.key

string | null

required

Key generated on your side that will be used for URL signing.

Maximum string length: 255

options.secure_key.type

enum<integer>

default:0

Type of URL signing.

Possible types:

Type 0 - Includes end user IP to secure token generation.
Type 2 - Excludes end user IP from secure token generation.

Available options:

0,

2

Example:

{
  "enabled": true,
  "key": "secretkey",
  "type": 2
}

options.slice

object

Requests and caches files larger than 10 MB in parts (no larger than 10 MB per part.) This reduces time to first byte.

The option is based on the Slice module.

Notes:

Origin must support HTTP Range requests.
Not supported with gzipON, brotli_compression or fetch_compressed options enabled.

Show child attributes

options.slice.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.slice.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.sni

object

The hostname that is added to SNI requests from CDN servers to the origin server via HTTPS.

SNI is generally only required if your origin uses shared hosting or does not have a dedicated IP address. If the origin server presents multiple certificates, SNI allows the origin server to know which certificate to use for the connection.

The option works only if originProtocol parameter is HTTPS or MATCH.

Show child attributes

options.sni.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.sni.custom_hostname

string<domain>

required

Custom SNI hostname.

It is required if sni_type is set to custom.

Maximum string length: 255

options.sni.sni_type

enum<string>

default:dynamic

SNI (Server Name Indication) type.

Possible values:

dynamic - SNI hostname depends on hostHeader and forward_host_header options. It has several possible combinations:
If the hostHeader option is enabled and specified, SNI hostname matches the Host header.
If the forward_host_header option is enabled and has true value, SNI hostname matches the Host header used in the request made to a CDN.
If the hostHeader and forward_host_header options are disabled, SNI hostname matches the primary CNAME.
custom - custom SNI hostname is in use.

Available options:

dynamic,

custom

Example:

{
  "enabled": true,
  "sni_type": "custom",
  "custom_hostname": "custom.example.com"
}

options.stale

object

Serves stale cached content in case of origin unavailability.

Show child attributes

options.stale.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.stale.value

enum<string>[]

required

Defines list of errors for which "Always online" option is applied.

Available options:

error,

http_403,

http_404,

http_429,

http_500,

http_502,

http_503,

http_504,

invalid_header,

timeout,

updating

Example:

{
  "enabled": true,
  "value": ["http_404", "http_500"]
}

options.static_response_headers

object

Custom HTTP Headers that a CDN server adds to a response.

Show child attributes

options.static_response_headers.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.static_response_headers.value

object[]

required

Maximum array length: 50

Show child attributes

options.static_response_headers.value.name

string

required

HTTP Header name.

Restrictions:

Maximum 128 symbols.
Latin letters (A-Z, a-z,) numbers (0-9,) dashes, and underscores only.

Maximum string length: 128

options.static_response_headers.value.value

string[]

required

Header value.

Restrictions:

Maximum 512 symbols.
Letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]).
Must start with a letter, number, asterisk or {.
Multiple values can be added.

options.static_response_headers.value.always

boolean

default:false

Defines whether the header will be added to a response from CDN regardless of response code.

Possible values:

true - Header will be added to a response from CDN regardless of response code.
false - Header will be added only to the following response codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Example:

{
  "enabled": true,
  "value": [
    {
      "name": "X-Example",
      "value": ["Value_1"],
      "always": true
    },
    {
      "name": "X-Example-Multiple",
      "value": ["Value_1", "Value_2", "Value_3"],
      "always": false
    }
  ]
}

options.staticHeaders

object

deprecated

Legacy option. Use the static_response_headers option instead.

Custom HTTP Headers that a CDN server adds to response. Up to fifty custom HTTP Headers can be specified. May contain a header with multiple values.

Show child attributes

options.staticHeaders.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.staticHeaders.value

object

required

A MAP for static headers in a format of header_name: header_value.

Restrictions:

Header name - Maximum 128 symbols, may contain Latin letters (A-Z, a-z), numbers (0-9), dashes, and underscores.
Header value - Maximum 512 symbols, may contain letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]). Must start with a letter, number, asterisk or {.

Example:

{
  "enabled": true,
  "value": {
    "X-Example": "Value_1",
    "X-Example-Multiple": ["Value_2", "Value_3"]
  }
}

options.staticRequestHeaders

object

Custom HTTP Headers for a CDN server to add to request. Up to fifty custom HTTP Headers can be specified.

Show child attributes

options.staticRequestHeaders.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.staticRequestHeaders.value

object

required

A MAP for static headers in a format of header_name: header_value.

Restrictions:

Header name - Maximum 255 symbols, may contain Latin letters (A-Z, a-z), numbers (0-9), dashes, and underscores.
Header value - Maximum 512 symbols, may contain letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]). Must start with a letter, number, asterisk or {.

Show child attributes

options.staticRequestHeaders.value.{key}

string

Example:

{
  "enabled": true,
  "value": {
    "Header-One": "Value 1",
    "Header-Two": "Value 2"
  }
}

options.user_agent_acl

object

Controls access to the content for specified User-Agents.

Show child attributes

options.user_agent_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.user_agent_acl.policy_type

enum<string>

required

User-Agents policy type.

Possible values:

allow - Allow access for all User-Agents except specified in excepted_values field.
deny - Deny access for all User-Agents except specified in excepted_values field.

Available options:

allow,

deny

options.user_agent_acl.excepted_values

string<user_agent>[]

required

List of User-Agents that will be allowed/denied.

The meaning of the parameter depends on policy_type:

allow - List of User-Agents for which access is prohibited.
deny - List of User-Agents for which access is allowed.

Use an empty string "" to allow/deny access when the User-Agent header is empty.

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "allow",
  "excepted_values": ["UserAgent Value", ""]
}

options.waap

object

Allows to enable WAAP (Web Application and API Protection).

Show child attributes

options.waap.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.waap.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.websockets

object

Enables or disables WebSockets connections to an origin server.

Show child attributes

options.websockets.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.websockets.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

Response

Successful.

integer

Rule ID.

Example:

5

name

string

Rule name.

Maximum string length: 255

Example:

"My first rule"

active

boolean

Enables or disables a rule.

Possible values:

true - Rule is active, rule settings are applied.
false - Rule is inactive, rule settings are not applied.

Example:

true

deleted

boolean

Defines whether the rule has been deleted.

Possible values:

true - Rule has been deleted.
false - Rule has not been deleted.

Example:

false

originGroup

integer | null

ID of the origin group to which the rule is applied.

If the origin group is not specified, the rule is applied to the origin group that the CDN resource is associated with.

Example:

null

rule

string

Path to the file or folder for which the rule will be applied.

The rule is applied if the requested URI matches the rule path.

We add a leading forward slash to any rule path. Specify a path without a forward slash.

Maximum string length: 300

Example:

"/folder/images/*.png"

ruleType

integer

Rule type.

Possible values:

Type 0 - Regular expression. Must start with '^/' or '/'.
Type 1 - Regular expression. Note that for this rule type we automatically add / to each rule pattern before your regular expression. This type is legacy, please use Type 0.

Required range: 0 <= x <= 1

Example:

0

weight

integer

Rule execution order: from lowest (1) to highest.

If requested URI matches multiple rules, the one higher in the order of the rules will be applied.

Required range: 1 <= x <= 2147483647

Example:

1

originProtocol

enum<string>

Protocol used by CDN servers to request content from an origin source.

Possible values:

HTTPS - CDN servers connect to origin via HTTPS protocol.
HTTP - CDN servers connect to origin via HTTP protocol.
MATCH - Connection protocol is chosen automatically; in this case, content on origin source should be available for the CDN both through HTTP and HTTPS protocols.

Available options:

HTTPS,

HTTP,

MATCH

Example:

"HTTPS"

overrideOriginProtocol

enum<string> | null

Sets a protocol other than the one specified in the CDN resource settings to connect to the origin.

Possible values:

HTTPS - CDN servers connect to origin via HTTPS protocol.
HTTP - CDN servers connect to origin via HTTP protocol.
MATCH - Connection protocol is chosen automatically; in this case, content on origin source should be available for the CDN both through HTTP and HTTPS protocols.
null - originProtocol setting is inherited from the CDN resource settings.

Available options:

HTTPS,

HTTP,

MATCH

preset_applied

boolean

Defines whether the rule has an applied preset.

Possible values:

true - Rule has a preset applied.
false - Rule does not have a preset applied.

If a preset is applied to the rule, the options included in the preset cannot be edited for the rule.

Example:

false

primary_rule

integer | null

ID of the rule with which the current rule is synchronized within the CDN resource shared cache zone feature.

Example:

null

options

object

List of options that can be configured for the rule.

In case of null value the option is not added to the rule. Option inherits its value from the CDN resource settings.

Show child attributes

options.allowedHttpMethods

object

HTTP methods allowed for content requests from the CDN.

Show child attributes

options.allowedHttpMethods.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.allowedHttpMethods.value

enum<string>[]

required

Available options:

GET,

HEAD,

POST,

PUT,

PATCH,

DELETE,

OPTIONS

Example:

{ "enabled": true, "value": ["GET", "POST"] }

options.bot_protection

object

Allows to prevent online services from overloading and ensure your business workflow running smoothly.

Show child attributes

options.bot_protection.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.bot_protection.bot_challenge

object

required

Controls the bot challenge module state.

Show child attributes

options.bot_protection.bot_challenge.enabled

boolean

default:false

Possible values:

true - Bot challenge is enabled.
false - Bot challenge is disabled.

Example:

{
  "enabled": true,
  "bot_challenge": { "enabled": true }
}

options.brotli_compression

object

Compresses content with Brotli on the CDN side. CDN servers will request only uncompressed content from the origin.

Notes:

CDN only supports "Brotli compression" when the "origin shielding" feature is activated.
If a precache server is not active for a CDN resource, no compression occurs, even if the option is enabled.
brotli_compression is not supported with fetch_compressed or slice options enabled.
fetch_compressed option in CDN resource settings overrides brotli_compression in rules. If you enabled fetch_compressed in CDN resource and want to enable brotli_compression in a rule, you must specify fetch_compressed:false in the rule.

Show child attributes

options.brotli_compression.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.brotli_compression.value

enum<string>[]

required

Allows to select the content types you want to compress.

text/html is a mandatory content type.

Available options:

application/javascript,

application/json,

application/vnd.ms-fontobject,

application/wasm,

application/x-font-ttf,

application/x-javascript,

application/xml,

application/xml+rss,

image/svg+xml,

image/x-icon,

text/css,

text/html,

text/javascript,

text/plain,

text/xml

Example:

{
  "enabled": true,
  "value": ["text/html", "text/plain"]
}

options.browser_cache_settings

object

Cache expiration time for users browsers in seconds.

Cache expiration time is applied to the following response codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Responses with other codes will not be cached.

Show child attributes

options.browser_cache_settings.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.browser_cache_settings.value

string<nginx time>

required

Set the cache expiration time to '0s' to disable caching.

The maximum duration is any equivalent to 1y.

Example:

{ "enabled": true, "value": "3600s" }

options.cache_http_headers

object

deprecated

Legacy option. Use the response_headers_hiding_policy option instead.

HTTP Headers that must be included in the response.

Show child attributes

options.cache_http_headers.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.cache_http_headers.value

string[]

required

Maximum string length: 1024

Example:

{
  "enabled": false,
  "value": [
    "vary",
    "content-length",
    "last-modified",
    "connection",
    "accept-ranges",
    "content-type",
    "content-encoding",
    "etag",
    "cache-control",
    "expires",
    "keep-alive",
    "server"
  ]
}

options.cors

object

Enables or disables CORS (Cross-Origin Resource Sharing) header support.

CORS header support allows the CDN to add the Access-Control-Allow-Origin header to a response to a browser.

Show child attributes

options.cors.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.cors.value

string[]

required

Value of the Access-Control-Allow-Origin header.

Possible values:

Adds * as the Access-Control-Allow-Origin header value - Content will be uploaded for requests from any domain. "value": ["*"]
Adds "$http_origin" as the Access-Control-Allow-Origin header value if the origin matches one of the listed domains - Content will be uploaded only for requests from the domains specified in the field. "value": ["domain.com", "second.dom.com"]
Adds "$http_origin" as the Access-Control-Allow-Origin header value - Content will be uploaded for requests from any domain, and the domain from which the request was sent will be added to the "Access-Control-Allow-Origin" header in the response. "value": ["$http_origin"]

options.cors.always

boolean

default:false

Defines whether the Access-Control-Allow-Origin header should be added to a response from CDN regardless of response code.

Possible values:

true - Header will be added to a response regardless of response code.
false - Header will only be added to responses with codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Example:

{
  "enabled": true,
  "value": ["domain.com", "domain2.com"],
  "always": true
}

options.country_acl

object

Enables control access to content for specified countries.

Show child attributes

options.country_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.country_acl.policy_type

enum<string>

required

Defines the type of CDN resource access policy.

Possible values:

allow - Access is allowed for all the countries except for those specified in excepted_values field.
deny - Access is denied for all the countries except for those specified in excepted_values field.

Available options:

allow,

deny

options.country_acl.excepted_values

string<country-code>[]

required

List of countries according to ISO-3166-1.

The meaning of the parameter depends on policy_type value:

allow - List of countries for which access is prohibited.
deny - List of countries for which access is allowed.

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "allow",
  "excepted_values": ["GB", "DE"]
}

options.disable_cache

object

deprecated

Legacy option. Use the edge_cache_settings option instead.

Allows the complete disabling of content caching.

Show child attributes

options.disable_cache.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.disable_cache.value

boolean

required

Possible values:

true - content caching is disabled.
false - content caching is enabled.

Example:

{ "enabled": true, "value": false }

options.disable_proxy_force_ranges

object

Allows 206 responses regardless of the settings of an origin source.

Show child attributes

options.disable_proxy_force_ranges.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.disable_proxy_force_ranges.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.edge_cache_settings

object

Cache expiration time for CDN servers.

value and default fields cannot be used simultaneously.

Show child attributes

options.edge_cache_settings.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.edge_cache_settings.value

string<nginx time>

Caching time.

The value is applied to the following response codes: 200, 206, 301, 302. Responses with codes 4xx, 5xx will not be cached.

Use 0s to disable caching.

The maximum duration is any equivalent to 1y.

options.edge_cache_settings.custom_values

object

A MAP object representing the caching time in seconds for a response with a specific response code.

These settings have a higher priority than the value field.

Use any key to specify caching time for all response codes.
Use 0s value to disable caching for a specific response code.

Show child attributes

options.edge_cache_settings.custom_values.{key}

string<nginx time>

options.edge_cache_settings.default

string<nginx time>

Enables content caching according to the origin cache settings.

The value is applied to the following response codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308, if an origin server does not have caching HTTP headers.

Responses with other codes will not be cached.

The maximum duration is any equivalent to 1y.

Example:

{
  "enabled": true,
  "value": "43200s",
  "custom_values": { "100": "43200s" }
}

options.fastedge

object

Allows to configure FastEdge app to be called on different request/response phases.

Note: At least one of on_request_headers, on_request_body, on_response_headers, or on_response_body must be specified.

Show child attributes

options.fastedge.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.fastedge.on_request_headers

object

Allows to configure FastEdge application that will be called to handle request headers as soon as CDN receives incoming HTTP request.

Show child attributes

options.fastedge.on_request_headers.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_request_headers.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_request_headers.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_request_headers.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_request_headers.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_request_body

object

Allows to configure FastEdge application that will be called to handle request body as soon as CDN receives incoming HTTP request.

Show child attributes

options.fastedge.on_request_body.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_request_body.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_request_body.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_request_body.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_request_body.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_response_headers

object

Allows to configure FastEdge application that will be called to handle response headers before CDN sends the HTTP response.

Show child attributes

options.fastedge.on_response_headers.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_response_headers.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_response_headers.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_response_headers.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_response_headers.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

options.fastedge.on_response_body

object

Allows to configure FastEdge application that will be called to handle response body before CDN sends the HTTP response.

Show child attributes

options.fastedge.on_response_body.app_id

string

required

The ID of the application in FastEdge.

Example:

"1001"

options.fastedge.on_response_body.enabled

boolean

default:true

Determines if the FastEdge application should be called whenever HTTP request headers are received.

Example:

true

options.fastedge.on_response_body.interrupt_on_error

boolean

default:true

Determines if the request execution should be interrupted when an error occurs.

Example:

true

options.fastedge.on_response_body.execute_on_edge

boolean

default:true

Determines if the request should be executed at the edge nodes.

Example:

true

options.fastedge.on_response_body.execute_on_shield

boolean

default:false

Determines if the request should be executed at the shield nodes.

Example:

false

Example:

{
  "enabled": true,
  "on_request_headers": {
    "enabled": true,
    "app_id": "1001",
    "interrupt_on_error": true
  }
}

options.fetch_compressed

object

Makes the CDN request compressed content from the origin.

The origin server should support compression. CDN servers will not decompress your content even if a user browser does not accept compression.

Notes:

fetch_compressed is not supported with gzipON or brotli_compression or slice options enabled.
fetch_compressed overrides gzipON and brotli_compression in rule. If you enable it in CDN resource and want to use gzipON and brotli_compression in a rule, you have to specify "fetch_compressed": false in the rule.

Show child attributes

options.fetch_compressed.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.fetch_compressed.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.follow_origin_redirect

object

Enables redirection from origin. If the origin server returns a redirect, the option allows the CDN to pull the requested content from the origin server that was returned in the redirect.

Show child attributes

options.follow_origin_redirect.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.follow_origin_redirect.codes

enum<integer>[]

required

Redirect status code that the origin server returns.

To serve up to date content to end users, you will need to purge the cache after managing the option.

Minimum array length: 1

Available options:

301,

302,

303,

307,

308

Example:

{ "enabled": true, "codes": [302, 308] }

options.force_return

object

Applies custom HTTP response codes for CDN content.

The following codes are reserved by our system and cannot be specified in this option: 408, 444, 477, 494, 495, 496, 497, 499.

Show child attributes

options.force_return.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.force_return.code

integer

required

Status code value.

Required range: 100 <= x <= 599

options.force_return.body

string

required

URL for redirection or text.

Maximum string length: 255

options.force_return.time_interval

object

Controls the time at which a custom HTTP response code should be applied. By default, a custom HTTP response code is applied at any time.

Show child attributes

options.force_return.time_interval.start_time

string

required

Time from which a custom HTTP response code should be applied. Indicated in 24-hour format.

Example:

"06:00"

options.force_return.time_interval.end_time

string

required

Time until which a custom HTTP response code should be applied. Indicated in 24-hour format.

Example:

"18:00"

options.force_return.time_interval.time_zone

string<timezone>

default:UTC

Time zone used to calculate time.

Example:

"Europe/Luxembourg"

Example:

{
  "enabled": true,
  "code": 301,
  "body": "http://example.com/redirect_address",
  "time_interval": {
    "start_time": "09:00",
    "end_time": "20:00",
    "time_zone": "CET"
  }
}

options.forward_host_header

object

Forwards the Host header from a end-user request to an origin server.

hostHeader and forward_host_header options cannot be enabled simultaneously.

Show child attributes

options.forward_host_header.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.forward_host_header.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": false, "value": false }

options.gzipOn

object

Compresses content with gzip on the CDN end. CDN servers will request only uncompressed content from the origin.

Notes:

Compression with gzip is not supported with fetch_compressed or slice options enabled.
fetch_compressed option in CDN resource settings overrides gzipON in rules. If you enable fetch_compressed in CDN resource and want to enable gzipON in rules, you need to specify "fetch_compressed":false for rules.

Show child attributes

options.gzipOn.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.gzipOn.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.hostHeader

object

Sets the Host header that CDN servers use when request content from an origin server. Your server must be able to process requests with the chosen header.

If the option is null, the Host Header value is equal to first CNAME.

hostHeader and forward_host_header options cannot be enabled simultaneously.

Show child attributes

options.hostHeader.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.hostHeader.value

string

required

Host Header value.

Maximum string length: 2048

Example:

{ "enabled": true, "value": "host.com" }

Defines whether the files with the Set-Cookies header are cached as one file or as different ones.

Show child attributes

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

Possible values:

true - Option is enabled, files with cookies are cached as one file.
false - Option is disabled, files with cookies are cached as different files.

Example:

{ "enabled": true, "value": true }

options.ignoreQueryString

object

How a file with different query strings is cached: either as one object (option is enabled) or as different objects (option is disabled.)

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.ignoreQueryString.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.ignoreQueryString.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.image_stack

object

Transforms JPG and PNG images (for example, resize or crop) and automatically converts them to WebP or AVIF format.

Show child attributes

options.image_stack.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.image_stack.avif_enabled

boolean

default:false

Enables or disables automatic conversion of JPEG and PNG images to AVI format.

options.image_stack.webp_enabled

boolean

default:false

Enables or disables automatic conversion of JPEG and PNG images to WebP format.

options.image_stack.quality

integer

default:95

Defines quality settings for JPG and PNG images. The higher the value, the better the image quality, and the larger the file size after conversion.

Required range: 1 <= x <= 100

options.image_stack.png_lossless

boolean

default:false

Enables or disables compression without quality loss for PNG format.

Example:

{
  "enabled": true,
  "avif_enabled": true,
  "webp_enabled": false,
  "quality": 80,
  "png_lossless": true
}

options.ip_address_acl

object

Controls access to the CDN resource content for specific IP addresses.

Show child attributes

options.ip_address_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.ip_address_acl.policy_type

enum<string>

required

IP access policy type.

Possible values:

allow - Allow access to all IPs except IPs specified in "excepted_values" field.
deny - Deny access to all IPs except IPs specified in "excepted_values" field.

Available options:

allow,

deny

options.ip_address_acl.excepted_values

string<ipv4net or ipv6net>[]

required

List of IP addresses with a subnet mask.

The meaning of the parameter depends on policy_type value:

allow - List of IP addresses for which access is prohibited.
deny - List of IP addresses for which access is allowed.

Examples:

192.168.3.2/32
2a03:d000:2980:7::8/128

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "deny",
  "excepted_values": ["192.168.1.100/32"]
}

options.limit_bandwidth

object

Allows to control the download speed per connection.

Show child attributes

options.limit_bandwidth.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.limit_bandwidth.limit_type

enum<string>

required

Method of controlling the download speed per connection.

Possible values:

static - Use speed and buffer fields to set the download speed limit.
dynamic - Use query strings speed and buffer to set the download speed limit.

For example, when requesting content at the link

http://cdn.example.com/video.mp4?speed=50k&buffer=500k

the download speed will be limited to 50kB/s after 500 kB.

Available options:

static,

dynamic

options.limit_bandwidth.speed

integer

Maximum download speed per connection.

Required range: 1 <= x <= 1000000000

options.limit_bandwidth.buffer

integer

Amount of downloaded data after which the user will be rate limited.

Required range: 0 <= x <= 1000000000

Example:

{
  "enabled": true,
  "limit_type": "static",
  "speed": 100,
  "buffer": 200
}

options.proxy_cache_key

object

Allows you to modify your cache key. If omitted, the default value is $request_uri.

Combine the specified variables to create a key for caching.

$request_uri
$scheme
$uri

Warning: Enabling and changing this option can invalidate your current cache and affect the cache hit ratio. Furthermore, the "Purge by pattern" option will not work.

Show child attributes

options.proxy_cache_key.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_cache_key.value

string

required

Key for caching.

Maximum string length: 255

Example:

{ "enabled": true, "value": "$scheme$uri" }

options.proxy_cache_methods_set

object

Caching for POST requests along with default GET and HEAD.

Show child attributes

options.proxy_cache_methods_set.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_cache_methods_set.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": false }

options.proxy_connect_timeout

object

The time limit for establishing a connection with the origin.

Show child attributes

options.proxy_connect_timeout.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_connect_timeout.value

string

required

Timeout value in seconds.

Supported range: 1s - 5s.

Example:

{ "enabled": true, "value": "4s" }

options.proxy_read_timeout

object

The time limit for receiving a partial response from the origin. If no response is received within this time, the connection will be closed.

Note: When used with a WebSocket connection, this option supports values only in the range 1–20 seconds (instead of the usual 1–30 seconds).

Show child attributes

options.proxy_read_timeout.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.proxy_read_timeout.value

string

required

Timeout value in seconds.

Supported range: 1s - 30s.

Example:

{ "enabled": true, "value": "10s" }

options.query_params_blacklist

object

Files with the specified query parameters are cached as one object, files with other parameters are cached as different objects.

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.query_params_blacklist.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_params_blacklist.value

string[]

required

List of query parameters.

Example:

{
  "enabled": true,
  "value": ["some", "blacklisted", "query"]
}

options.query_params_whitelist

object

Files with the specified query parameters are cached as different objects, files with other parameters are cached as one object.

ignoreQueryString, query_params_whitelist and query_params_blacklist options cannot be enabled simultaneously.

Show child attributes

options.query_params_whitelist.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_params_whitelist.value

string[]

required

List of query parameters.

Example:

{
  "enabled": true,
  "value": ["some", "whitelisted", "query"]
}

options.query_string_forwarding

object

Show child attributes

options.query_string_forwarding.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.query_string_forwarding.forward_from_file_types

string[]

required

options.query_string_forwarding.forward_to_file_types

string[]

required

options.query_string_forwarding.forward_only_keys

string[]

options.query_string_forwarding.forward_except_keys

string[]

Example:

{
  "enabled": true,
  "forward_from_file_types": ["m3u8", "mpd"],
  "forward_to_file_types": ["ts", "mp4"],
  "forward_only_keys": ["auth_token", "session_id"],
  "forward_except_keys": ["debug_info"]
}

options.redirect_http_to_https

object

Enables redirect from HTTP to HTTPS.

redirect_http_to_https and redirect_https_to_http options cannot be enabled simultaneously.

Show child attributes

options.redirect_http_to_https.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.redirect_http_to_https.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.redirect_https_to_http

object

Enables redirect from HTTPS to HTTP.

redirect_http_to_https and redirect_https_to_http options cannot be enabled simultaneously.

Show child attributes

options.redirect_https_to_http.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.redirect_https_to_http.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": false, "value": true }

options.referrer_acl

object

Controls access to the CDN resource content for specified domain names.

Show child attributes

options.referrer_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.referrer_acl.policy_type

enum<string>

required

Policy type.

Possible values:

allow - Allow access to all domain names except the domain names specified in excepted_values field.
deny - Deny access to all domain names except the domain names specified in excepted_values field.

Available options:

allow,

deny

options.referrer_acl.excepted_values

string<domain or wildcard>[]

required

List of domain names or wildcard domains (without protocol: http:// or https://.)

The meaning of the parameter depends on policy_type value:

allow - List of domain names for which access is prohibited.
deny - List of IP domain names for which access is allowed.

Examples:

example.com
*.example.com

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "deny",
  "excepted_values": ["example.com", "*.example.net"]
}

options.request_limiter

object

Option allows to limit the amount of HTTP requests.

Show child attributes

options.request_limiter.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.request_limiter.rate

integer

required

Maximum request rate.

Required range: x >= 1

options.request_limiter.rate_unit

enum<string>

default:r/s

Units of measurement for the rate field.

Possible values:

r/s - Requests per second.
r/m - Requests per minute.

If the rate is less than one request per second, it is specified in request per minute (r/m.)

Available options:

r/s,

r/m

options.request_limiter.burst

integer

options.request_limiter.delay

integer

Example:

{
  "enabled": true,
  "rate_unit": "r/s",
  "rate": 5,
  "burst": 5,
  "delay": 0
}

options.response_headers_hiding_policy

object

Hides HTTP headers from an origin server in the CDN response.

Show child attributes

options.response_headers_hiding_policy.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.response_headers_hiding_policy.mode

enum<string>

required

How HTTP headers are hidden from the response.

Possible values:

show - Hide only HTTP headers listed in the excepted field.
hide - Hide all HTTP headers except headers listed in the "excepted" field.

Available options:

hide,

show

options.response_headers_hiding_policy.excepted

string<http_header>[]

required

List of HTTP headers.

Parameter meaning depends on the value of the mode field:

show - List of HTTP headers to hide from response.
hide - List of HTTP headers to include in response. Other HTTP headers will be hidden.

The following headers are required and cannot be hidden from response:

Connection
Content-Length
Content-Type
Date
Server

Maximum array length: 256

Maximum string length: 128

Example:

{
  "enabled": true,
  "mode": "hide",
  "excepted": ["my-header"]
}

options.rewrite

object

Changes and redirects requests from the CDN to the origin. It operates according to the Nginx configuration.

Show child attributes

options.rewrite.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.rewrite.body

string

required

Path for the Rewrite option.

Example:

/(.*) /media/$1

Maximum string length: 255

options.rewrite.flag

enum<string>

default:break

Flag for the Rewrite option.

Possible values:

last - Stop processing the current set of ngx_http_rewrite_module directives and start a search for a new location matching changed URI.
break - Stop processing the current set of the Rewrite option.
redirect - Return a temporary redirect with the 302 code; used when a replacement string does not start with http://, https://, or $scheme.
permanent - Return a permanent redirect with the 301 code.

Available options:

break,

last,

redirect,

permanent

Example:

{
  "enabled": true,
  "body": "/(.*) /additional_path/$1",
  "flag": "break"
}

options.secure_key

object

Configures access with tokenized URLs. This makes impossible to access content without a valid (unexpired) token.

Show child attributes

options.secure_key.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.secure_key.key

string | null

required

Key generated on your side that will be used for URL signing.

Maximum string length: 255

options.secure_key.type

enum<integer>

default:0

Type of URL signing.

Possible types:

Type 0 - Includes end user IP to secure token generation.
Type 2 - Excludes end user IP from secure token generation.

Available options:

0,

2

Example:

{
  "enabled": true,
  "key": "secretkey",
  "type": 2
}

options.slice

object

Requests and caches files larger than 10 MB in parts (no larger than 10 MB per part.) This reduces time to first byte.

The option is based on the Slice module.

Notes:

Origin must support HTTP Range requests.
Not supported with gzipON, brotli_compression or fetch_compressed options enabled.

Show child attributes

options.slice.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.slice.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.sni

object

The hostname that is added to SNI requests from CDN servers to the origin server via HTTPS.

The option works only if originProtocol parameter is HTTPS or MATCH.

Show child attributes

options.sni.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.sni.custom_hostname

string<domain>

required

Custom SNI hostname.

It is required if sni_type is set to custom.

Maximum string length: 255

options.sni.sni_type

enum<string>

default:dynamic

SNI (Server Name Indication) type.

Possible values:

dynamic - SNI hostname depends on hostHeader and forward_host_header options. It has several possible combinations:
If the hostHeader option is enabled and specified, SNI hostname matches the Host header.
If the forward_host_header option is enabled and has true value, SNI hostname matches the Host header used in the request made to a CDN.
If the hostHeader and forward_host_header options are disabled, SNI hostname matches the primary CNAME.
custom - custom SNI hostname is in use.

Available options:

dynamic,

custom

Example:

{
  "enabled": true,
  "sni_type": "custom",
  "custom_hostname": "custom.example.com"
}

options.stale

object

Serves stale cached content in case of origin unavailability.

Show child attributes

options.stale.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.stale.value

enum<string>[]

required

Defines list of errors for which "Always online" option is applied.

Available options:

error,

http_403,

http_404,

http_429,

http_500,

http_502,

http_503,

http_504,

invalid_header,

timeout,

updating

Example:

{
  "enabled": true,
  "value": ["http_404", "http_500"]
}

options.static_response_headers

object

Custom HTTP Headers that a CDN server adds to a response.

Show child attributes

options.static_response_headers.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.static_response_headers.value

object[]

required

Maximum array length: 50

Show child attributes

options.static_response_headers.value.name

string

required

HTTP Header name.

Restrictions:

Maximum 128 symbols.
Latin letters (A-Z, a-z,) numbers (0-9,) dashes, and underscores only.

Maximum string length: 128

options.static_response_headers.value.value

string[]

required

Header value.

Restrictions:

Maximum 512 symbols.
Letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]).
Must start with a letter, number, asterisk or {.
Multiple values can be added.

options.static_response_headers.value.always

boolean

default:false

Defines whether the header will be added to a response from CDN regardless of response code.

Possible values:

true - Header will be added to a response from CDN regardless of response code.
false - Header will be added only to the following response codes: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.

Example:

{
  "enabled": true,
  "value": [
    {
      "name": "X-Example",
      "value": ["Value_1"],
      "always": true
    },
    {
      "name": "X-Example-Multiple",
      "value": ["Value_1", "Value_2", "Value_3"],
      "always": false
    }
  ]
}

options.staticHeaders

object

deprecated

Legacy option. Use the static_response_headers option instead.

Custom HTTP Headers that a CDN server adds to response. Up to fifty custom HTTP Headers can be specified. May contain a header with multiple values.

Show child attributes

options.staticHeaders.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.staticHeaders.value

object

required

A MAP for static headers in a format of header_name: header_value.

Restrictions:

Header name - Maximum 128 symbols, may contain Latin letters (A-Z, a-z), numbers (0-9), dashes, and underscores.
Header value - Maximum 512 symbols, may contain letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]). Must start with a letter, number, asterisk or {.

Example:

{
  "enabled": true,
  "value": {
    "X-Example": "Value_1",
    "X-Example-Multiple": ["Value_2", "Value_3"]
  }
}

options.staticRequestHeaders

object

Custom HTTP Headers for a CDN server to add to request. Up to fifty custom HTTP Headers can be specified.

Show child attributes

options.staticRequestHeaders.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.staticRequestHeaders.value

object

required

A MAP for static headers in a format of header_name: header_value.

Restrictions:

Header name - Maximum 255 symbols, may contain Latin letters (A-Z, a-z), numbers (0-9), dashes, and underscores.
Header value - Maximum 512 symbols, may contain letters (a-z), numbers (0-9), spaces, and symbols (`~!@#%%^&*()-_=+ /|";:?.,><{}[]). Must start with a letter, number, asterisk or {.

Show child attributes

options.staticRequestHeaders.value.{key}

string

Example:

{
  "enabled": true,
  "value": {
    "Header-One": "Value 1",
    "Header-Two": "Value 2"
  }
}

options.user_agent_acl

object

Controls access to the content for specified User-Agents.

Show child attributes

options.user_agent_acl.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.user_agent_acl.policy_type

enum<string>

required

User-Agents policy type.

Possible values:

allow - Allow access for all User-Agents except specified in excepted_values field.
deny - Deny access for all User-Agents except specified in excepted_values field.

Available options:

allow,

deny

options.user_agent_acl.excepted_values

string<user_agent>[]

required

List of User-Agents that will be allowed/denied.

The meaning of the parameter depends on policy_type:

allow - List of User-Agents for which access is prohibited.
deny - List of User-Agents for which access is allowed.

Use an empty string "" to allow/deny access when the User-Agent header is empty.

Maximum array length: 600

Maximum string length: 255

Example:

{
  "enabled": true,
  "policy_type": "allow",
  "excepted_values": ["UserAgent Value", ""]
}

options.waap

object

Allows to enable WAAP (Web Application and API Protection).

Show child attributes

options.waap.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.waap.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

options.websockets

object

Enables or disables WebSockets connections to an origin server.

Show child attributes

options.websockets.enabled

boolean

required

Controls the option state.

Possible values:

true - Option is enabled.
false - Option is disabled.

options.websockets.value

boolean

required

Possible values:

true - Option is enabled.
false - Option is disabled.

Example:

{ "enabled": true, "value": true }

Overview

IAM

CDN

Managed DNS

Cloud

DDoS Protection

FastEdge

WAAP

Streaming

Object Storage

Resellers

Authorizations

Path Parameters

Body

Response