Page Rules
Directory Structure
|-- page_rules/
|-- 001-core-rules.yaml
|-- 002-other-rules.yaml
|-- ...
You can define multiple page rules in a single YAML configuration file.
Parameter Description
| Parameter | Data Type | Required | Description |
|---|---|---|---|
| enable_rule | bool | Yes | Rule enable status (enabled or disabled) |
| conditions | array | No | Set of preconditions for the rule to take effect |
| actions | dict | No | Actions triggered after the rule is matched |
| waf | dict | No | Web Application Firewall (WAF) configuration |
| cache | dict | No | Cache-related configuration |
| content | dict | No | Return specified content when the rule is matched |
| proxy | dict | No | Proxy the request to a specified upstream when the rule is matched |
| last | bool | No | Whether to stop processing subsequent rules after the current rule matches |
Note that content and proxy should not be used in the same page rule.
For more detailed parameter descriptions and usage examples, please refer to the following documents:
- Condition Configuration
- Action Configuration
- WAF Configuration
- Cache Configuration
- Content Configuration
- Proxy Configuration
Configuration Example
- enable_rule: true
conditions:
- var: uri
op: eq
vals:
- /hello
waf:
rule_sets:
- scanner_detection
- protocol_enforcement
- application_attack_xss
- application_attack_sqli
sensitivity: medium
action: "403 Forbidden"
cross_requests: false
actions:
set-proxy-uri:
uri: /hello/world
cache:
cache_key:
- name: req-header
args: customid
- name: 'query-string'
enforce_cache: true
default_ttls:
- ttl_unit: min
status: 200
ttl: 300
proxy:
retries: -1
upstream:
- cluster_type: http
cluster_name: app_upstream_name1
- cluster_type: http
cluster_name: app_upstream_name2
balancer:
algorithm: roundrobin
upstream_el_code: ''
connect_timeout: 6
sticky:
enable: true
mode: none
ttl: 1
key: Edge-Sticky
level: upstream
retry_condition:
- error
- timeout
- invalid_header
- http_500
- http_502
- http_504
send_timeout: 6
read_timeout: 6
- enable_rule: true
order: 8
conditions:
- var: uri
op: prefix
val: /file1
content:
type: file
file: dir1/setup.sh
In the first page rule, when the URI equals /hello, the rule will be triggered:
- Activate WAF rule sets.
- Set the proxy URI to
/hello/world. - Use
app_upstream_name1andapp_upstream_name2within the HTTP application as upstream servers. - Implement a caching strategy where the cache key is composed of the
customidfrom the request header and the query string, with a default cache TTL of 300 minutes.
In the second page rule, when the URI equals /file1, it directly returns the file content of dir1/setup.sh.