HTTP Header
Last update:2024-07-15 14:30:39
CDNetworks provides an HTTP header management feature that gives you flexible control over the HTTP request and response headers exchanged between CDN nodes, clients, and your origin server. This allows you to customize header behavior to optimize security, caching, and other aspects of your content delivery.
Based on your needs, you can add, replace, or delete HTTP headers in four directions: CDN to Origin Request, CDN to Client Response, CDN Receives Origin Response, and CDN Receives Client Request.
How to Add HTTP Header Rules
- Log in to the CDNetworks Console and select the appropriate product.
- Navigate to the Configuration, locate the domain you wish to configure,and click on Edit Configuration on the top or the Edit button to the right of the domain
. - On the Edit Configuration page, locate HTTP Protocol Optimization - HTTP Header, and click Manually Enter to start creating a new HTTP header rule.
- Configure rule details: The following options are available:
Define Effective Range for Your HTTP Header
Specify the effective range this header rule should apply to. You can choose from these options:
| Parameter | Description |
|---|---|
| All Requests | Applies to all types of requests under the domain. |
| Homepage Only | Applies only to requests in the root directory format, such as http://domain/ or https://domain/. |
| Specific File Types | Applies to specific file types. Select common file types from the list or define custom file types. Separate multiple types with a semicolon ;, e.g., jpg;png. |
| Specific URI | Applies to content requests for designated URIs, excluding the http:// or https:// prefix. Separate multiple URIs with line breaks. For example, for http://www.test.com/browse/index.html, please enter /browse/index.html. |
| Specific Directory | Applies to content requests under certain directories, e.g., /file/abc/ for all content under http://domain/file/abc/*.Note: Directories must start and end with / and can only include letters, numbers, and some special characters (underscore, hyphen, percent sign, period). Separate multiple directories with line breaks. |
As shown above, you can further refine the rule’s effective range using Advanced Range Settings. This will intersect with the basic effective range for precise control. Select one or more parameters to form an AND relationship with the basic effective range to target specific requests or responses.
| Parameter | Description |
|---|---|
| User Agent (UA) | Matches User Agent strings using regex, e.g., ^Mozilla/4\.0$ for User Agents starting and ending with Mozilla/4.0. |
| Exception UA | Excludes User Agents using regex. |
| Status Code | Matches specific HTTP status codes. Separate multiple codes with ;, e.g., 200;404. |
| Exception Status Code | Excludes specific HTTP status codes. |
| Exception File Types | Excludes certain file types. Separate multiple types with ;. |
| Custom File Types | Excludes custom file types as needed. Separate multiple types with ;. |
| Exception Directory | Excludes specific directory paths. Paths must start and end with /. Separate multiple directories with ;. |
| Request Method | Matches HTTP request methods. Separate multiple methods with ;, e.g., GET;POST. |
| Exception Request Method | Excludes specific HTTP request methods. |
| Request Header | Matches request headers and their values. Separate with a space, e.g., Range bytes=[0-9]{9,} for Range headers with values starting with bytes= followed by at least 9 digits. |
| Exception Request Header | Excludes specific request headers and values, using the same format as Request Header. |
| Response Header | Matches response headers and their values. Separate with a space, e.g., cache-control max-age= for cache-control headers with values containing max-age=. |
| Exception Response Header | Excludes specific response headers and values, using the same format as Response Header. |
| Exception URL (Regex) | Excludes URLs using regex, e.g., .*\.jpg$. |
Select the Operation Type
Choose one of the following:
- Add: Add a new HTTP header.
- Replace: Replace an existing HTTP header with a new value.
- Delete: Remove a specified HTTP header.
Select or Customize a HTTP Header
- Choose from common HTTP headers from our provided list like Expires, Content-Type, Cache-Control, Access-Control-Allow-Origin, etc.
- For headers not in the preset list, select Custom and enter the custom HTTP header name.
Configure the HTTP Header Value
- For Add operation, enter the value in the New Value field.
- For Replace operation, configure the following:
- New Value (required): Replace the matching header with this new value.
- Old Value (optional): Match this old value to replace. If left blank, all old values will be replaced with the new value.
Note:
For Add and Replace operations, only one HTTP header can be configured per rule. For Delete operations, you can specify multiple headers.
Select the Header Control Direction
Choose the direction where the rule should apply.
Priority
Set the rule’s priority. The higher the number, the greater the priority for matching and execution. Rules with higher priority will be executed first under identical matching conditions.
After configuring, click Confirm, then select Next Step to submit your settings. To minimize any potential disruptions to your production environment, we strongly recommend conducting a Pre-deploy test in a staging environment. This crucial step ensures that your configurations are accurate before they go live. Once you have verified the accuracy of the settings, click Deploy Now to implement them in the live environment. The configurations typically become effective within 3-5 minutes. For comprehensive guidance on pre-deployment testing and to verify the effectiveness of your configurations, please consult the tutorial Deploy the Configurations to Staging Environment for Validation.
Important Notes
- When adding an HTTP header, if the target request or response already contains the same header, the add operation will fail, and the original header will be passed through. If you need to support duplicate headers, please contact the CDNetworks technical support team.
- If you configure add, replace, and delete operations for the same HTTP header, the priority of these operations will be: Delete > Replace > Add, regardless of the rule priority. Please pay attention to the priority of rules when configuring them to avoid unexpected results.