Basic Concepts
최신 업데이트:2026-02-05 11:04:10
By defining match conditions, you can configure the security policy to detect request features. Custom Rules, Rate Limiting, Whitelist, and other security policies use the same configuration structure.
Supported Fields
| Field | Description | Supported Operator | Case-Sensitive Match | Supports Multiple Match Values |
|---|---|---|---|---|
| IP/CIDR | Match or exclude specific client IP addresses, supporting both IPv4 and IPv6. | equals | - | yes |
| does not equal | - | yes | ||
| Path | Matches rules based on the specific path in the request. The path starts with '/', and does not include domain name or parameter information (for example: www.test.com/common/ecs/channel?code=1&type=2, the path is '/common/ecs/channel'). | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| URI | Matches rules based on the specific URI in the request. The URI starts with '/', and contains parameter information, e.g., `/common/ecs/channel?code=1&type=2`. | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| User-Agent | Matches rules based on the value of **User-Agent**. | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| does not exist or has no value | - | - | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| Referer | Matches rules based on the value of **Referer**. | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| does not exist or has no value | - | - | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| Request Header | Matches rules based on the value of a specific request header (**request header name is case-insensitive**). | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| does not exist or has no value | - | - | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| Query String | Matches rules based on the specific Query String in the request, e.g., `code=1&type=2`. | equals | yes | yes |
| does not equal | yes | yes | ||
| contains | no | yes | ||
| does not contain | no | yes | ||
| starts with | no | yes | ||
| ends with | no | yes | ||
| wildcard match | no | yes | ||
| wildcard mismatch | no | yes | ||
| regex match | no | no | ||
| regex mismatch | no | no | ||
| Request Method | Matches or excludes specific request methods. | equals | - | yes |
| does not equal | - | yes | ||
| Geo | Matches or excludes requests from specific regions. | equals | - | yes |
| does not equal | - | yes | ||
| Response Code | Matches or excludes requests with specific status codes. Only status codes returned during the response phase are counted. | equals | - | yes |
| does not equal | - | yes | ||
| Client List | Matches or excludes requests with specific client lists. | equals | - | yes |
| does not equal | - | yes | ||
| ASN | Matches or excludes requests with a specific ASN. | equals | - | yes |
| does not equal | - | yes |
이 문서의 내용이 도움이 되었습니까?
예
아니오