Match fields in rule expressions-Edge Security Acceleration(ESA)-阿里云帮助中心

Match fields specify the request attributes that ESA evaluates in rule expressions. Use them to target specific HTTP, IP, or TLS attributes in requests and responses.

Field categories

ESA supports three types of match fields:

Standard fields: Attributes from standard protocols (HTTP, IP, TLS) in client requests or responses, such as hostname, request headers, and response headers.
Extended fields: Derived values that ESA computes from client requests or responses, such as TLS fingerprints and JavaScript verification results.
Original fields: Unmodified property values from client requests that ESA preserves across function modules.

Standard fields

Standard fields represent HTTP and IP attributes from client requests.

http.cookie

The Cookie header in an HTTP request.

Field name	Cookie
Type	String
Case-sensitive	Yes
Empty match value	Allowed
Example	`"sessionid=330688;userid=abc123"`
Usage restrictions	Support for match fields across different features

http.host

The hostname in an HTTP request.

Field name	Hostname
Type	String
Case-sensitive	No
Empty match value	Not allowed
Example	`"www.example.com"`
Usage restrictions	Support for match fields across different features

http.referer

The Referer header in an HTTP request.

Field name	Referer
Type	String
Case-sensitive	No
Empty match value	Allowed
Example	`"http://www.example.com/index"`
Usage restrictions	Support for match fields across different features

http.request.body.form

The request body in form format when the Content-Type header is application/x-www-form-urlencoded, represented as a Map (associative array).

Field name	Body Query String
Type	`Map<Array<String>>`
Example	`{"username":["admin"]}`
Usage restrictions	Support for match fields across different features

http.request.body.mime

The MIME type detected in the HTTP request body. Supports common MIME types for video, audio, image, application, and text content.

Field name	MIME Type
Type	String
Example	`"application/json"`
Usage restrictions	Support for match fields across different features

http.request.cookies

The Cookie header in an HTTP request, represented as a map (associative array).

Field name	Cookie Value
Type	String
Case-sensitive	Yes
Empty match value	Allowed
Example	`{"sessionid":["330668"]}`
Usage restrictions	Support for match fields across different features

http.request.full_uri

The complete URI of an HTTP request, including the protocol, hostname, path, and query string.

Field name	Full URI
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Example	`"https://www.example.com/image/cat.jpg?width=400&height=300&format=webp"`
Usage restrictions	Support for match fields across different features

http.request.headers

All headers in an HTTP request, represented as a map (associative array). Header names (keys) are normalized to lowercase.

Field name	Header
Type	Object
Case-sensitive	Yes
Empty match value	Allowed
Example	`{"content-type":["application/json"]}`
Usage restrictions	Support for match fields across different features

http.request.method

The HTTP request method.

Field name	Request Method
Type	String
Example	`"GET"`
Usage restrictions	Support for match fields across different features

http.request.timestamp.sec

The UNIX timestamp (in seconds) when the ESA POP receives an HTTP request.

Field name	Request Timestamp
Type	Integer
Example	`1735019278`
Usage restrictions	Support for match fields across different features

http.request.uri

The URI of an HTTP request, including the path and query string.

Field name	URI
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Example	`"/image/cat.jpg?width=400&height=300&format=webp"`
Usage restrictions	Support for match fields across different features

http.request.uri.args

The query string in the URI of an HTTP request, represented as a map (associative array).

Field name	URI Query String Parameter
Type	`Map<Array<String>>`
Case-sensitive	Yes
Empty match value	Allowed
Example	`{"format":["webp"]}`
Usage restrictions	Support for match fields across different features

A null value is allowed only with the following match operators: equal to, not equal to, contains, or matches regex.

http.request.uri.path

The path component of an HTTP request URI.

Field name	URI Path
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Example	`"/image/cat.jpg"`
Usage restrictions	Support for match fields across different features

http.request.uri.path.extension

The file extension in the URI path of an HTTP request.

Field name	File Name Extension
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Usage restrictions	Support for match fields across different features

URI path	Field value
/cat	""
/cat.jpg	"jpg"
/.jpg	""
/.cat.jpg	"jpg"
/cat.jpg.tar	"tar"
/cat.	""
/cat.JPG	"JPG"

http.request.uri.path.file_name

The file name (without extension) in the URI path of an HTTP request.

Field name	File Name
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Usage restrictions	Support for match fields across different features

URI path	Field value
/cat	"cat"
/cat.jpg	"cat"
/.jpg	""
/.cat.jpg	".cat"
/cat.jpg.tar	"cat.jpg"
/cat.	"cat"
/CAT.jpg	"CAT"

http.request.uri.path.full_file_name

The full file name (including extension) in the URI path of an HTTP request.

Field name	Full File Name
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Example	`"cat.jpg"`
Usage restrictions	Support for match fields across different features

http.request.uri.query

The query string of an HTTP request URI.

Field name	URI Query String
Type	String
Case-sensitive	Yes
Empty match value	Not allowed
Example	`"width=400&height=300&format=webp"`
Usage restrictions	Support for match fields across different features

http.request.version

The HTTP protocol version of a request.

Field name	HTTP Version
Type	String
Example	`"HTTP/1.0"`, `"HTTP/1.1"`, `"HTTP/2.0"`, `"HTTP/3.0"`
Usage restrictions	Support for match fields across different features

http.user_agent

The User-Agent header in an HTTP request.

Field name	User Agent
Type	String
Case-sensitive	Yes
Empty match value	Allowed
Example	`"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.X.X Safari/537.36"`
Usage restrictions	Support for match fields across different features

http.x_forwarded_for

The X-Forwarded-For header in an HTTP request.

Field name	X-Forwarded-For
Type	String
Case-sensitive	Yes
Empty match value	Allowed
Example	`"192.168.0.1, 10.10.0.1"`
Usage restrictions	Support for match fields across different features

ip.geoip.asnum

The Autonomous System Number (ASN) associated with the source IP address. When the IP address cannot be identified, the default value 0 is used. For more information, see What is an ASN?

Field name	ASN
Type	Integer
Example	`37963`
Usage restrictions	Support for match fields across different features

ip.geoip.continent

The continent associated with the source IP address. Uses the default value XX when the continent cannot be identified.

Field name	Continent
Type	String
Example	`AS`
Usage restrictions	Support for match fields across different features

Continent name	Continent code
Africa	AF
Antarctica	AN
Asia	AS
Europe	EU
North America	NA
Oceania	OC
South America	SA

ip.geoip.country

The country or region associated with the source IP address. Uses the default value XX when the country or region cannot be identified. For more information, see ISO 3166 standard.

Field name	Country or Region
Type	String
Case-sensitive	No
Empty match value	Not allowed
Example	`"CN"`
Usage restrictions	Support for match fields across different features

ip.src

The IP address the client uses to connect to the ESA POP.

Field name	Client IP
Type	IP address
Case-sensitive	No
Empty match value	Not allowed
Example	`192.0.2.1`
Usage restrictions	Support for match fields across different features

ip.src.isp

The Internet Service Provider (ISP) associated with the source IP address.

Field name	ISP
Type	String
Example	`"100017"`
Usage restrictions	Support for match fields across different features

ISP name	ISP code
China Telecom	100017
China Mobile	100025
China Unicom	100026
China Netcom	100016
China Tietong	100020
Great Wall Broadband	100061
China Education and Research Network (CERNET)	100027
China Broadcasting Network	1000139
Beijing Gehua CATV Network	100080
Dr.Peng Group	1000143
Alibaba	100098
Alibaba Cloud	1000323
Tencent	1000401
Baidu	100099
ChinaNetCenter	100093

ip.src.version

The IP protocol version of the source IP address.

Field name	IP Version
Type	String
Example	`"IPv4"`, `"IPv6"`
Usage restrictions	Support for match fields across different features

ip.src.subdivision_1_iso_code

The ISO code of the first-level administrative subdivision (such as province or state) for the source IP address. For more information, see ISO 3166 standard.

Field name	Province
Type	String
Case-sensitive	Yes
Example	`"CN-ZJ"`
Usage restrictions	Support for match fields across different features

ip.src.region_code

The region code of the load balancer region associated with the source IP address.

Field name	Load Balancer Region
Type	String
Case-sensitive	Yes
Example	`"EAS"`
Usage restrictions	Support for match fields across different features

Region name	Region code
Eastern Europe	EEU
Western Europe	WEU
North America	NAM
South America	SAM
Middle East	ME
North Africa	NAF
South Africa	SAF
Oceania	OC
East Asia	EAS
Southeast Asia	SEAS
South Asia	SAS
Chinese Mainland	CNM

Note

This field is supported only in load balancers.

ip.src.city

The city code associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Note

ESA nodes have limited precision when identifying geolocation at the city level. Do not use this field for request blocking scenarios.

Field name	City Code
Type	String
Example	`"310000"`
Usage restrictions	Support for match fields across different features

ip.src.city_name

The city name associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Field name	City Name
Type	String
Example	`"hangzhou"`
Usage restrictions	Support for match fields across different features

ip.src.lon

The longitude associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Field name	Longitude
Type	Float
Example	`120.12`
Usage restrictions	Support for match fields across different features

ip.src.lat

The latitude associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Field name	Latitude
Type	Float
Example	`30.16`
Usage restrictions	Support for match fields across different features

ip.src.postal_code

The postal code associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Field name	Postal Code
Type	String
Example	`"310000"`
Usage restrictions	Support for match fields across different features

ip.src.timezone

The timezone associated with the source IP address. Uses the default value XX when the IP address cannot be identified.

Field name	Timezone
Type	String
Example	`"UTC+8"`
Usage restrictions	Support for match fields across different features

ssl

Whether the request uses SSL/TLS encryption.

Field name	SSL/HTTPS
Type	Boolean
Example	`true`
Usage restrictions	Support for match fields across different features

Extended fields

Extended fields capture attributes beyond standard protocols (IP, HTTP, TLS) in client requests.

ali.ja3_hash

The JA3 fingerprint, an MD5 hash of Client Hello fields during the TLS handshake (TLS version, cipher suites, extensions, elliptic curves, and point format).

Field name	JA3 Fingerprint
Type	String
Example	`d0bfcdbbf2c6aeb4e0fbcf8234fd6cb6`
Usage restrictions	Support for match fields across different features

ali.ja4

The JA4 fingerprint. JA4 extends JA3 by incorporating additional handshake information to improve fingerprint uniqueness and accuracy.

Field name	JA4 Fingerprint
Type	String
Example	`d0bfcdbbf2c6aeb4e0fbcf8234fd6cb6`
Usage restrictions	Support for match fields across different features

ali.js_detection.passed

Whether the client passed the JavaScript verification challenge.

Field name	JavaScript Verified
Type	Boolean
Example	`true`
Usage restrictions	Support for match fields across different features

ali.static_resource

Whether the request targets a static resource.

Field name	Static Request
Type	Boolean
Example	`true`
Usage restrictions	Support for match fields across different features

ali.tls_client_auth.cert_verified

Whether the client certificate passed verification during mutual TLS (mTLS) authentication.

Field name	Client Certificate Verified
Type	Boolean
Example	`true`
Usage restrictions	Support for match fields across different features

ali.tls_hash

A hash value derived from the TLS handshake information in the request.

Field name	TLS Fingerprint
Type	String
Example	`ABC123HASH`
Usage restrictions	Support for match fields across different features

ali.site.name

The site name corresponding to the domain in the client request URL.

Field name	Site Name
Type	String
Example	`"example.com"`
Usage restrictions	Support for match fields across different features

Original fields

Original fields preserve unmodified client request values across ESA function modules.

http.request.body.raw

The unprocessed body content of an HTTP request.

Field name	HTTP Request Body
Type	String
Example	`"ABC123"`
Usage restrictions	Support for match fields across different features

Support for match fields across different features

Match fields(Select Match fields from the list below to view supported fields.)

-- Not selected / Clear -- ali.ja3_hash ali.ja4 ali.js_detection.passed ali.static_resource ali.tls_client_auth.cert_verified ali.tls_hash ali.site.name http.cookie http.host http.referer http.request.body.form http.request.body.mime http.request.body.raw http.request.cookies http.request.full_uri http.request.headers http.request.method http.request.timestamp.sec http.request.uri http.request.uri.args http.request.uri.path http.request.uri.path.extension http.request.uri.path.file_name http.request.uri.path.full_file_name http.request.uri.query http.request.version http.user_agent http.x_forwarded_for ip.geoip.asnum ip.geoip.continent ip.geoip.country ip.src ip.src.isp ip.src.region_code ip.src.city ip.src.city_name ip.src.lon ip.src.lat ip.src.postal_code ip.src.timezone ip.src.subdivision_1_iso_code ip.src.version ssl

Query result

Please select a row in the "Match fields" list above to see how the field is supported in each Feature (indicated by ✓/—).

ali.ja3_hash support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.ja4 support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.js_detection.passed support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.static_resource support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.tls_client_auth.cert_verified support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.tls_hash support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.cookie support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.host support across different features

Feature	Supported
SSL/TLS rules	✓
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.referer support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.body.form support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.body.mime support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.body.raw support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.cookies support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.full_uri support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.headers support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.method support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.timestamp.sec support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	✓
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri.args support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri.path support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri.path.extension support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri.path.file_name support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	×
WAF custom rules	×
WAF rate limiting rules	×
WAF managed rules	×
WAF scan protection rules	×
WAF allowlist rules	×
BOT Advanced mode	×

http.request.uri.path.full_file_name support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.uri.query support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.request.version support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.user_agent support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

http.x_forwarded_for support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.geoip.asnum support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.geoip.continent support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.geoip.country support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.isp support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.region_code support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	✓
Function routing	×
Security rules	×
WAF custom rules	×
WAF rate limiting rules	×
WAF managed rules	×
WAF scan protection rules	×
WAF allowlist rules	×
BOT Advanced mode	×

ip.src.subdivision_1_iso_code support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.version support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ali.site.name support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	×
Rewrite URL	×
Modify inbound request headers	×
Modify outbound request headers	×
Modify inbound response headers	×
Modify outbound response headers	×
Custom response code	×
Request redirect	×
Error code redirect	×
Cache rules	×
Network optimization rules	×
File compression	×
Image optimization	×
Video processing	×
Origin rules	×
Waiting room rules	×
Version management	×
Load balancer	×
Function routing	×
Security rules	×
WAF custom rules	×
WAF rate limiting rules	×
WAF managed rules	×
WAF scan protection rules	×
WAF allowlist rules	×
BOT Advanced mode	✓

ip.src.city support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.city_name support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.lon support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.lat support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.postal_code support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ip.src.timezone support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓

ssl support across different features

Feature	Supported
SSL/TLS rules	×
HTTPS rules	✓
Rewrite URL	✓
Modify inbound request headers	✓
Modify outbound request headers	✓
Modify inbound response headers	✓
Modify outbound response headers	✓
Custom response code	✓
Request redirect	✓
Error code redirect	✓
Cache rules	✓
Network optimization rules	✓
File compression	✓
Image optimization	✓
Video processing	✓
Origin rules	✓
Waiting room rules	✓
Version management	✓
Load balancer	✓
Function routing	✓
Security rules	✓
WAF custom rules	✓
WAF rate limiting rules	✓
WAF managed rules	✓
WAF scan protection rules	✓
WAF allowlist rules	✓
BOT Advanced mode	✓