Skip to content

Origin Rules

Origin Rules allow you to customize where the incoming traffic will go and with which parameters. Currently you can perform the following overrides:

The origin rule expression will determine when these overrides will be applied.

For more complex and customized modifications, consider using Snippets.


Rules templates

Cloudflare provides you with rules templates for common use cases. In the dashboard, go to your zone > Rules > Templates and select one of the available templates. You can also refer to the Examples gallery in the developer docs.

Availability

Free Pro Business Enterprise

Availability

Yes

Yes

Yes

Yes

Number of rules

10 25 50 125

Override Host header

No

No

No

Yes

Override SNI

No

No

No

Yes

Override DNS records

No

No

No

Yes

Override destination port

Yes

Yes

Yes

Yes

Execution order

The execution order of Rules features is the following:

The different types of rules listed above will take precedence over Page Rules. This means that Page Rules will be overridden if there is a match for both Page Rules and the Rules products listed above.

Generally speaking, for non-terminating actions the last change made by rules in the same phase will win (later rules can overwrite changes done by previous rules). However, for terminating actions (Block, Redirect, or one of the challenge actions), rule evaluation will stop and the action will be executed immediately.

For example, if multiple rules with the Redirect action match, Cloudflare will always use the URL redirect of the first rule that matches. Also, if you configure URL redirects using different Cloudflare products (Single Redirects and Bulk Redirects), the product executed first will apply, if there is a rule match (in this case, Single Redirects). Refer to the Phases list for the product execution order.

Important remarks

If you override the hostname with an origin rule (via Host header override or DNS record override) and add a header override to your load balancer configuration, the origin rule will take precedence over the load balancer configuration.

Like Page Rules, an origin rule performing a Host header override will update the SNI value of the original request to the same value of the Host header. To set an SNI value different from the Host header override, add an SNI override in the same origin rule or create a separate origin rule for this purpose.

Troubleshooting

When troubleshooting origin rules, use Cloudflare Trace to determine if a rule is triggering for a specific URL.