Cloudflare Docs
Ruleset Engine
Edit this page on GitHub
Set theme to dark (⇧+D)

Rule expressions

The Rules language supports two kinds of expressions: simple and compound.

​​ Simple expressions

Simple expressions compare a value from an HTTP request to a value defined in the expression. For example, this simple expression matches Microsoft Exchange Autodiscover requests:

http.request.uri.path matches "/autodiscover\.(xml|src)$"

Simple expressions have the following syntax:

<field> <comparison_operator> <value>

Where:

  • Fields specify properties associated with an HTTP request.

  • Comparison operators define how values must relate to actual request data for an expression to return true.

  • Values represent the data associated with fields. When evaluating a rule, Cloudflare compares these values with the actual data obtained from the request.

​​ Compound expressions

Compound expressions use logical operators such as and to combine two or more expressions into a single expression.

For example, this expression uses the and operator to target requests to www.example.com that are not on ports 80 or 443:

host eq www.example.com and not cf.edge.server_port in {80 443}

Compound expressions have the following general syntax:

<expression> <logical_operator> <expression>

Compound expressions allow you to generate sophisticated, highly targeted rules.

​​ Maximum rule expression length

The maximum length of a rule expression is 4,096 characters.

This limit applies whether you use the visual Expression Builder to define your expression, or write the expression manually in the Expression Editor.

​​ Additional features

You can also use the following Rules language features in your expressions:

  • Grouping symbols allow you to explicitly group expressions that should be evaluated together.

  • Functions allow you to manipulate and validate values in expressions.