Rule expressions
The Rules language supports two kinds of expressions: simple and compound.
Simple expressions
Simple expressions compare a value from an HTTP request to a value defined in the expression. For example, this simple expression matches Microsoft Exchange Autodiscover requests:
http.request.uri.path matches "/autodiscover\.(xml|src)$"
Simple expressions have the following syntax:
<field> <comparison_operator> <value>
Where:
-
Fields specify properties associated with an HTTP request.
-
Comparison operators define how values must relate to actual request data for an expression to return
true
. -
Values represent the data associated with fields. When evaluating a rule, Cloudflare compares these values with the actual data obtained from the request.
Compound expressions
Compound expressions use logical operators such as and
to combine two or more expressions into a single expression.
For example, this expression uses the and
operator to target requests to www.example.com
that are not on ports 80 or 443:
host eq www.example.com and not cf.edge.server_port in {80 443}
Compound expressions have the following general syntax:
<expression> <logical_operator> <expression>
Compound expressions allow you to generate sophisticated, highly targeted rules.
Maximum rule expression length
The maximum length of a rule expression is 4,096 characters.
This limit applies whether you use the visual Expression Builder to define your expression, or write the expression manually in the Expression Editor.
Additional features
You can also use the following Rules language features in your expressions:
-
Grouping symbols allow you to explicitly group expressions that should be evaluated together.
-
Functions allow you to manipulate and validate values in expressions.