Cloudlets API Match Rules

Once a Cloudlet policy has been created, you can then add match rules to an existing version of that policy, or when you create a new policy version.

NOTE: The maximum number of rules per Cloudlets policy is currently 5,000. However, there is no limit to the number of Cloudlets policies you can create.

Working with Match Rules

When working with Cloudlets match rules, all of the match criteria are included in the matchRules array.

Within the matchRules array, it is common to use the matches array, which defines potential conditions, like case sensitivity (caseSensitive) or the type of match (matchType). These properties apply to all Cloudlets.

You use the matchType properties to set up the part of the request that the rule applies to, like redirect URL (matchURL) or path and query string (pathAndQS).

For additional examples, see Cloudlet-Specific Match Examples.

When a Cloudlet executes, the first rule applied is the first one that is true based on criteria in the incoming request.

Match Rule Considerations

When setting up rules for Cloudlets, be aware of the following:

  • There is currently no way to implement an else case in a rule.

  • There are no child rules within Cloudlet policies.

  • When a new policy is created, version 1 of the policy is also created. This version is empty: it contains neither a description nor any match rules (matchRules).

  • If you clone an existing policy, the matchRules for version 1 of the new policy are copied from the most recent version of the cloned policy.

Match Rule Versions

When setting up the rules for a Cloudlet policy version, you first need to determine the matchRuleFormat to use. The matchRuleFormat attribute indicates the version of the Cloudlet-specific matchRules JSON, and uses the following format: <major#>.<minor#>. The major number always matches the value in the URI pathname (…/api/version/…). The current major version is 2. The minor number changes as attributes are added to or removed from the resource objects.

NOTE: If you issue a PUT or POST request for Cloudlet policy versions that include matchRules, you also need to use the matchRuleFormat property.

Locking Rules

The rulesLocked property is automatically set to true when a policy version is activated on a network. When rulesLocked equals true, the policy version’s rules can no longer be edited. No further PUTs are allowed against the policy version.

If the rules are locked for a policy version, you must create a new policy version to continue editing the policy.

NOTE: If desired, use the cloning parameter, cloneVersion, to edit the policy.

Matching with Wildcards

You can use wildcard characters (* and ?) for the following match types: cookie, header, path, extension, filename, query, and hostname.

NOTE: The cookie and query matches only accept wildcards for the value, not the cookie or query name. For example, "matchValue":"cookiename=m*nster" would be valid, but "matchValue":"c*kiename=m*nster" would not.

As a wildcard, the asterisk represents zero or more characters in a string of characters, and the question mark represents a single character.

With the exception of hostname, when using a wildcard with this API, you need to set the matchOperator parameter to contains. For hostname, the contains setting is not required. If you enter an asterisk in the hostname property, it is automatically treated as a wildcard.

Wildcard Match Example

In the following example, the first match listed uses a wildcard: the matchvalue of /products/wildcards/*.jpg matches on any .jpg file in the /products/wildcards/ directory. This is because the matchOperator is contains.

The second match, however, literally looks for a file called *.jpg because the matchOperator is equals.

{
    "matchRules": [{
        "matchURL": null,
        "matches": [{
            "matchType": "path",
            "matchValue": "/products/wildcards/*.jpg",
            "matchOperator": "contains",
            "negate": false,
            "caseSensitive": false
        },
        {
            "matchType": "path",
            "matchValue": "/products/literals/*.jpg",
            "matchOperator": "equals",
            "negate": false,
            "caseSensitive": false
        },
        "start": 0,
        "end": 0,
        "type": "apMatchRule",
        "useIncomingQueryString": false,
        "passThroughPercent": "50",
        "name": "RequiredNameField",
        "id": null
}

Matching with Regular Expressions

For the Audience Segmentation, Edge Redirector, Forward Rewrite, and Input Validation Cloudlets, you can now use regular expressions to match on the fully qualified incoming request URL.

The regular expression can be up to 256 characters. If your regular expression includes any characters that have a special use in regular expressions (like ., +, or ?), you must use a backslash (\) to escape each special character.

For Cloudlets, RE2 is supported. RE2 is a library for regular expressions with a C++ interface that uses the finite-state machine (FSM) computational model. Go to Google’s re2 repository or a similar site, for information about RE2’s syntax.

For Edge Redirector, you can also use the information from capture groups in regular expressions to form the redirect URL. For Audience Segmentation and Forward Rewrite you can use the information from capture groups in regular expressions to form the forward path and, if desired, the query string. Input Validation does not support capture groups.

Capture groups allow you to capture incoming information from the source URL, while substitution patterns allow you to refer to those capture groups in the modified URL. Substitution patterns use the backslash character (\) followed by a number to refer to the capture groups. For example, \1 is the first capture group, \2 is the second, etc.

NOTE: The regular expressions match for Cloudlets supports a maximum of nine numbered substitutions using capture groups.

Regular Expression Match Example

The following is an example of a Forward Rewrite match rule that contains a regular expression.

{
    "matchRules": [
        {
            "matches": [
                {
                    "matchType": "regex",
                    "matchValue": "^https?://(?:[A-z0-9|\\.]*)/(.*)",
                    "matchOperator": "equals",
                    "negate": false,
                    "caseSensitive": false
                }
            ],
            "start": 0,
            "end": 0,
            "type": "frMatchRule",
            "forwardSettings": {
                "pathAndQS": "/\\1&amp;extra_param=bar",
                "useIncomingQueryString": false
            },
            "id": null
        }
    ],
    "matchRuleFormat": "1.0",
    "rulesLocked": false
}

In this example, the regular expression value is ^https?://(?:[A-z0-9|\.]*)/(.*) and the forward path and query string value containing a substitution pattern is /\1&amp;extra_param=bar. When this rule is activated, all requests to http://www.example.com/path1/path2/home.html?query=foo would retrieve content from http://www.example.com/path1/path2/home.html?query=foo&amp;extra_param=bar without changing the URL.

Match Types that Support Multiple Values

The following matchType properties support multiple space-separated values (not names): extension, hostname, path, and query. When setting up a rule using these match types, you can accidentally create a rule that never matches a request, like the following:

        "matches": [
            {
                "matchType": "query",
                "matchValue": "p=x",
                "matchOperator": "equals",
                "negate": false,
                "caseSensitive": false
            }
            {
                "matchType": "query",
                "matchValue": "p=y",
                "matchOperator": "equals",
                "negate": false,
                "caseSensitive": false
            }
        ],

The separate match conditions in this example do not work because the incoming request has to have both p=x and p=y, which is not valid. However, if matchValue:"p=x y", it means a match occurs if either p=x or p=y is in the incoming request.

Matches in Requests and Responses

When adding match rule criteria to the JSON request for a POST or PUT operation on the /policies/nnnn/versions/n endpoint, you set up the matchRules array after defining the matchRuleFormat. Here, for example, is a PUT request that adds an Edge Redirector rule with matches based on the incoming request header:

{
   "description" : "Edge Redirector Header Rules",
   "matchRuleFormat" : "1.0",
   "matchRules" : [
        {
        "type": "erMatchRule",
        "end": 1403127780,
        "id": 0,
        "matches": [
            {
            "matchOperator": "contains",
            "matchType": "header",
            "objectMatchValue": {
                "type": "object",
                "name": "contentType",
                "nameCaseSensitive": false,
                "nameHasWildcard": false,
                "options": {
                    "value": [
                        "text/html*",
                        "text/css*",
                        "application/x-javascript*"
                    ],
                    "valueHasWildcard": true,
                    "valueCaseSensitive": false
                }
            }
        },
        {
            "matchOperator": "exists",
            "matchType": "header",
            "objectMatchValue": {
                "type": "object",
                "name": "Cache-Control",
                "nameCaseSensitive": false,
                "nameHasWildcard": false
            },
            "negate": false
        }
    ],
    "name": rule1,
    "redirectURL": "http://www.redirect.com",
    "start": 1403041407,
    "statusCode": 301,
    "useIncomingQueryString": false
}

NOTE: The response includes the same match information you provided in the request.

Match Properties

This section provides information on the various types of properties used with Cloudlets match rules.

Match Rules Properties

The Match Rules (matchRules) array contains all of your rules and includes the following properties, which vary based on the Cloudlet you are using:

Property Type Description Cloudlets
allowDeny Enumeration If set to allow, the request is sent to origin when all conditions are true. If deny, the request is denied when all conditions are true. If denybranded, the request is denied and rerouted according to the configuration of the Request Control behavior. Request Control
disabled Boolean Optional. If set to true, disables a rule so it is not evaluated against incoming requests. The default setting is false. All
end Integer The end time for this match. Enter the value in UTC in seconds since the epoch. All
forwardSettings Object This property defines data used to construct a new request URL if all conditions are met. If all of the conditions you set are true, then the Edge Server returns an HTTP response from the rewritten URL. The following properties can be used with this object: originId, pathAndQS, percent, and useIncomingQueryString. Audience Segmentation, Forward Rewrite
id Integer Akamai internal use only. All
jsInsertion Boolean If set to true, inserts MediaMath’s JavaScript tag into the requested page. Cloud Marketing, Cloud Marketing Plus
matches Array See matches below. All
matchURL String If using a URL match, this property is the URL that the Cloudlet uses to match the incoming request. Edge Redirector, Forward Rewrite
name String The name of the rule. All
originId String The ID of the Cloudlets Origin requests are forwarded to. To retrieve the originId, run a GET on the /cloudlets/api/v2/properties endpoint. Application Load Balancer, Audience Segmentation, Cloud Marketing, Cloud Marketing Plus, Forward Rewrite, Phased Release
passThroughPercent Number The range 0.000: 99.000 specifies the percentage of requests that pass through to the origin. The value of 100 means the request always passes through to the origin. For Visitor Prioritization, a value of -1 means send everyone to the waiting room. API Prioritization, Visitor Prioritization
pathAndQS String If a value is provided and match conditions are met, this property defines the path/resource/query string to rewrite URL for the incoming request. Audience Segmentation, Forward Rewrite
redirectURL String The URL Edge Redirector redirects the request to. If using useRelativeUrl, you can enter a path for the value. Edge Redirector
start Integer The start time for this match. Enter the value in UTC in seconds since the epoch. All
statusCode Integer The HTTP response status code, which is either 301 (permanent redirect) or 302 (temporary redirect). Edge Redirector
type String The type of Cloudlet the rule is for. For example, the string for Visitor Prioritization is vpMatchRule. All
useIncomingQueryString Boolean If set to true, the Cloudlet includes the query string from the request in the rewritten or forwarded URL. Audience Segmentation, Edge Redirector, Forward Rewrite
useIncomingSchemeAndHost Boolean If set to true, the Cloudlet copies both the protocol/scheme and the hostname from the incoming request to use in the redirect URL. Edge Redirector
useRelativeUrl Enumeration If set to relative_url, takes the path entered for the redirectUrl and sets it in the response’s Location header. The client or browser receiving the request decides which protocol and hostname to use.
If set to copy_scheme_hostname, creates an absolute path by taking the protocol and hostname from the incoming request and combining them with path information entered for the redirectUrl. This absolute path is set in the response’s Location header.
If this property is not included, or is set to none, then the redirectUrl should be fully-qualified URL.
Edge Redirector

Match Conditions Properties

Each object within the matches array defines potential conditions, like case sensitivity (caseSensitive) or the type of match (matchType). These properties apply to all Cloudlets.

A matches property contains an array of objects with the following properties/conditions:

Property Type Description
caseSensitive Boolean If true, the match is case sensitive.
checkIPs Enumeration For clientip, continent, countrycode, proxy, and regioncode match types, the part of the request that determines the IP address to use. Values include the connecting IP address (CONNECTING_IP) and the X_Forwarded_For header (XFF_HEADERS). To select both, enter the two values separated by a space delimiter. When both values are included, the connecting IP address is evaluated first.
matchOperator Enumeration Valid entries for this property are contains, exists, and equals.
matchType Enumeration The type of match used. Possible values include the hostname (hostname) or the cookie (cookie). See the Match Type Property section.
matchValue String This depends on the matchType. If the matchType is hostname, then matchValue is the fully qualified domain name, like www.akamai.com. See the examples in the Match Type Property table.
negate Boolean If true, negates the match.
objectMatchValue Object An object used when a rule either includes more complex match criteria, like multiple value attributes, or a range match.

Match Value Object Properties

The following table lists the properties available for the objectMatchValue object:

Property Type Description
type Enumeration The array type, which can be one of the following: object, range, or simple. Use the simple option when adding only an array of string-based values.
name Array If using a match type that supports name attributes, enter the value in the incoming request to match on. The following match types support this property: cookie, header, parameter, and query.
nameCaseSensitive Boolean Set to true if the entry for the name property should be evaluated based on case sensitivity.
nameHasRegex Boolean Set to true if the entry for the name property is a regular expression.
nameHasWildcard Boolean Set to true if the entry for the name property includes wildcards.
value Array If using the simple or range array types, enter the value attributes in the incoming request to match on. Valid entries vary by match type. For example, GET and POST are valid entries for the method match type, while any integer is valid for the numberOfFields match type.
valueCaseSensitive Boolean Set to true if the entries for the value property should be evaluated based on case sensitivity.
valueHasRegex Boolean Set to true if the entries for the value property includes a capture group for a regular expression.
valueHasWildcard Boolean Set to true if the entries for the value property includes wildcards.
options Array If using the object type, use this array to list the values to match on.

Match Type Property

The matchType properties provide information about the match types used to conditionally pass through the request.

NOTE: Match types with an “m” support multiple space-separated values (not names).

Match Type Description Example Match Value
all A match of all incoming requests. Note that in the Cloudlets Policy Manager application, this match type is called Default. Not applicable
clientip The IPv4 address or CIDR list to match on. 182.1.0.0
clientipv6 The IPv6 address or CIDR list to match on. 0:0:0:0:0:ffff:b601:0
continent The continent to match on. See Continent Codes for a list of valid codes. SA
cookie The cookie values to match on. name=value1
countrycode The country to match on. See Country Codes for a list of valid codes. US
deviceCharacteristics The device characteristic to match on. See Device Characteristics Match Values for the list of available match values. is_mobile=true
extension (m) The file extensions to match on. jpg png gif
header The parts of the request header to match on. See Matches in Requests and Responses for an example.
hostname (m) The hostnames to match on. www.akamai.com
method The HTTP method used for the request. GET
numberOfFields A match based on the number of form fields included in an incoming request. See Input Validation for an example.
parameter Matches based on the following form parameters: field names and field values. See Input Validation for an example.
path (m) The URL paths to match on. /clothing/children/shoes/shoe1.jpg
protocol The protocol to match on. You can only enter a single value in this field. http
proxy The type of proxy to match on. Values include anonymous, transparent, and both. anonymous
query (m) The query string values to match on. name or name=value1 or name=value1 value2
range A range of two numbers between 1 and 100 (inclusive) for the random value assigned to a user. If the random value assigned to an incoming request falls within this range, the match is true. See Audience Segmentation for an example.
regex The regular expression to match on. ab(c.)d+
regioncode The region within a country to match on, like a state or province. See Region Codes for a list of valid codes. MA

Device Characteristics Match Values

The following values are available for the deviceCharacteristics match type:

Match Value Description
accept_third_party_cookie Indicates whether the device, by default, accepts a cookie set from a pixel in a page of a different domain.
ajax_support_javascript Indicates whether the device supports asynchronous JavaScript and XML (AJAX), a set of programming techniques.
cookie_support Indicates whether the device’s browser supports cookies. However, this device characteristic does not indicate that cookies exist. In addition, if the value is false because the native browser does not support cookies, cookies may be supported using other methods.
full_flash_support Indicates whether the device has full Flash support.
is_mobile Indicates whether the requesting device is a mobile device.
is_tablet Indicates whether the device is a tablet.
is_wireless_device Indicates whether the device is, or is not, wireless. A mobile phone returns true, but a desktop or laptop returns false.

Supported Match Types by Cloudlet

The following table lists, by Cloudlet, the supported match types:

Cloudlet Supported Match Types
Application Load Balancer all, clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, query, regioncode
API Prioritization clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regioncode
Audience Segmentation clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, range, regex,regioncode
Cloud Marketing clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regioncode
Cloud Marketing Plus clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regioncode
Edge Redirector all, clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regex, regioncode
Forward Rewrite clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regex, regioncode
Input Validation clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, numberOfFields, parameter, path, protocol, proxy, query, regex, regioncode
Phased Release all, clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regioncode
Request Control all, clientip, clientipv6, continent, cookie, countrycode, header, method, path, proxy, query, regioncode,
Visitor Prioritization clientip, clientipv6, continent, cookie, countrycode, deviceCharacteristics, extension, header, hostname, method, path, protocol, proxy, query, regioncode

Cloudlet-Specific Match Examples

For each of the following Cloudlets, this section provides match rule examples:

Application Load Balancer

The Application Load Balancer Cloudlet provides intelligent, scalable traffic management across physical, virtual, and cloud-hosted data centers without requiring the origin to send load feedback. This Cloudlet can automatically detect load conditions and route traffic to the optimal data source while maintaining custom routing policies and consistent visitor session behavior for your visitors.

Match Rule Example

For the following Application Load Balancer match rule, any URL that uses the HTTP protocol, has a domain name of source.com, and includes test=null as a query string is sent to the appropriate data center based on the load balancing settings.

{
    "matchRules": [{
        "type": "albMatchRule",
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "protocol",
            "matchValue": "http",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "query",
            "matchValue": "test=null",
            "negate": false
        }],
        "name": "rule 1",
        "disabled": false,
        "forwardSettings":{"originId":"ALBOrigin_1"},
        "useIncomingQueryString": false
    }]
}

API Prioritization

API Prioritization allows you to specify, for applications that call resources of various formats (like JSON or XML), which calls are given priority and are sent to the origin during high-demand situations. Based on information in the inbound request, you configure the rules that determine which calls are prioritized.

Match Rule Example

For this example, if the incoming URL has an extension of .jsp, 50% of the time the static response is served.

{
    "matchRules": [{
        "matchURL": null,
        "matches": [{
            "matchType": "extension",
            "matchValue": "jsp",
            "matchOperator": "equals",
            "negate": false,
            "caseSensitive": false
            }],
        "start": 0,
        "end": 0,
        "disabled": false,
        "type": "apMatchRule",
        "useIncomingQueryString": false,
        "passThroughPercent": "50",
        "name": "RequiredNameField",
        "id": null
    }]
}

Audience Segmentation

Audience Segmentation provides traffic segmentation and stickiness without degrading performance, which is often beneficial for A/B and multivariate testing. This Cloudlet creates stable test populations by assigning a cookie value to the user based on the rules you define.

This Cloudlet supports a range match. When setting up a range match, enter the two numbers that comprise the range. If the random value assigned to an incoming request falls within this range (inclusive), the match is true.

NOTE: You can only include one Range Match per rule.

Match Rule Example

For this example, if the incoming request is assigned a value between 1 and 25 (inclusive), the request is forwarded to the /sales/Q1 directory. Any query strings from the incoming request is appended to the forward request URL.

{
    "matchRules": [{
        "matches": [{
            "matchType": "range",
            "objectMatchValue": {"type": "range","value": [1,25]},
            "matchOperator": "equals","negate": false,"caseSensitive": false}],
        "start": 0,
        "end": 0,
        "disabled": false,
        "type": "asMatchRule",
        "forwardSettings": {
            "originId": "originremote2",
            "useIncomingQueryString": true,
            "pathAndQS": "/sales/Q1/"},
        "name": "Q1SalesTestPop",
        "id": null
    }]
}

Cloud Marketing

If you are a MediaMath customer, Cloud Marketing allows you to add JavaScript tags to your site’s pages that can communicate with MediaMath without requiring a third-party call on every page.

Match Rule Example

For this match rule, if the incoming URL includes /content/sales/ in its path, then the MediaMath JavaScript tags are added to the requested page.

{
    "matchRules": [{
        "name": "JS_Insertion_for_Sales",
        "type": "mmbMatchRule",
        "start": 0,
        "end": 0,
        "id": 0,
        "matchURL": null,
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "path",
            "matchValue": "/content/sales/",
            "negate": false
        }],
        "jsInsertion": true,
        "disabled": false,
    }]
}

Cloud Marketing Plus

If you are a MediaMath customer, Cloud Marketing allows you to add JavaScript tags to your site’s pages that can communicate with MediaMath and its partners without requiring a third-party call on every page.

Match Rule Example

For this match rule, if the incoming URL includes /content/sales/ in its path, then the MediaMath JavaScript tags are added to the requested page.

{
    "matchRules": [{
        "name": "JS_Insertion_for_Sales",
        "type": "mmbMatchRule",
        "start": 0,
        "end": 0,
        "id": 0,
        "matchURL": null,
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "path",
            "matchValue": "/content/sales/",
            "negate": false
        }],
        "jsInsertion": true,
        "disabled": false
    }]
}

Edge Redirector

Edge Redirector helps you more efficiently manage large numbers of redirects. By executing redirects at the Akamai Edge, you can reduce round trips to the origin and offload hits from your origin infrastructure.

Match Rule Example

For the following Edge Redirector match rule, any URL that uses the HTTP protocol, has a domain name of example.com, and includes test=null as a query string redirects to the following URL http://testredirect.akamai.com/test.html.

{
    "matchRules": [{
        "type": "erMatchRule",
        "end": 0,
        "id": 0,
        "matchURL": null,
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "protocol",
            "matchValue": "http",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "hostname",
            "matchValue": "example.com",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "query",
            "matchValue": "test=null",
            "negate": false
        }],
        "name": "rule 1",
        "redirectURL": "HTTP://testredirect.akamai.com/test.html",
        "disabled": false,
        "start": 0,
        "statusCode": 302,
        "useIncomingQueryString": false
    }]
}

Forward Rewrite

Forward Rewrite helps you create, based on in-bound request information, human-readable and search engine optimization-friendly (SEO-friendly) URLs for dynamically-generated pages.

Match Rule Example

For this match rule, if the incoming URL has http for the protocol or the hostname includes example1.com, the forward URL has the following path appended to it: /test_images/simpleimg.jpg.

{
    "matchRules": [{
        "type": "frMatchRule",
        "disabled": false,
        "end": 0,
        "id": 0,
        "matchURL": null,
        "forwardSettings": {
            "pathAndQS": "/test_images/simpleimg.jpg",
            "useIncomingQueryString": true },
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "protocol",
            "matchValue": "http",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "hostname",
            "matchValue": "example1.com",
            "negate": false
        }],
        "name": "rule 1",
        "start": 0
    }]
}

Input Validation

The Input Validation Cloudlet helps protect your business by confirming that the values submitted into a web application are well-formed and comply with your policies. In addition, this Cloudlet lets you to limit the number of valid form submissions and invalid attempts per user. Once the limit is reached, additional requests are denied (403) or are redirected (302) to a custom “penalty box.”

Match Rule Example

For the following Input Validation rule, a match is valid if the request uses the HTTP POST method; includes exactly five fields; and, of those five fields, one of them is called User.

{
    "matchRules": [{
        "type": "ivMatchRule",
        "disabled": false,
        "id": 0,
        "matches"[{
            "caseSensitive": false,
            "matchOperator": "equals",
            "matchType": "method",
            "negate": false,
            "objectMatchValue": {"type": "simple","value": ["POST"]}
        },
        {
            "caseSensitive": false,
            "matchOperator": "equals",
            "matchType": "numberOfFields",
            "negate": false,
            "objectMatchValue": {"type": "simple","value": ["5"]}
        },{
            "caseSensitive": false,
            "matchOperator": "required",
            "matchType": "parameter",
            "negate": false,
            "objectMatchValue": {"type": "object","name": "User","options": {"value": []}
        }
        }],
        "name": "SubscriberValidation",
        "start": 0},
        "end": 0
}

Phased Release

Phased Release provides, at the edge, a mechanism to define a percentage of your visitors and direct them to a different origin while maintaining visitor stickiness. This Cloudlet can help facilitate a fast rollout of code changes to production with real users, allowing you to move some visitors to a new experience or deployment while retaining the flexibility to roll back immediately should you encounter challenges.

Match Rule Example

For this Phased Release example, 30% of the incoming requests from the 23.235.39.74 IP address are forwarded to the mynetstorage Cloudlet origin.

{
    "matchRules": [{
        "matches": [{
            "matchType": "clientip",
            "matchValue": "23.235.39.74",
            "checkIPs": "CONNECTING_IP",
            "matchOperator": "equals",
            "negate": false,
            "caseSensitive": false}],
        "start": 0,
        "end": 0,
        "disabled": false,
        "type": "cdMatchRule",
        "forwardSettings": {
            "percent": 30,
            "originId": "mynetstorage"},
        "name": "IP_39.74_rule",
        "id": null
    }]
}

Request Control

Request Control allows you to provide conditional access to your website or application by defining and managing whitelists and blacklists based on a number of match criteria, including the IP address and geography associated with incoming requests.

Match Rule Example

For the following Request Control match rule, a request from the 72.246.0.0/16 or 192.0.2.0 address or from the United States are allowed through to the site.

{
    "matchRules": [{
        "type": "igMatchRule",
        "end": 0,
        "id": 0,
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "clientip",
            "matchValue": "72.246.0.0/16 192.0.2.0",
            "checkIPs": "CONNECTING_IP XFF_HEADERS",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "countrycode",
            "matchValue": "US",
            "checkIPs": "CONNECTING_IP",
            "negate": false
        }],
        "name": "rule 1",
        "disabled": false,
        "allowDeny":"denybranded",
        "start": 0
       }]
}

Visitor Prioritization

Visitor Prioritization helps maintain business continuity for your dynamic application through the use of a waiting room page in high-demand situations.

Match Rule Example

For the following Visitor Prioritization match rule, any URL that uses the HTTP protocol, has a domain name of source.com, and includes test=null as a query string, bypasses the waiting room and is sent directly to the origin.

{
    "matchRules": [{
        "type": "vpMatchRule",
        "end": 0,
        "id": 0,
        "matchURL": null,
        "matches": [{
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "protocol",
            "matchValue": "http",
            "negate": false
        },
        {
            "caseSensitive": false,
            "matchOperator": "contains",
            "matchType": "query",
            "matchValue": "test=null",
            "negate": false
        }],
        "name": "rule 1",
        "disabled": false,
        "start": 0,
        "passThroughPercent":11,
        "useIncomingQueryString": false
    }]
}

Last modified: 1/9/2017