Supported fields and operators
The fields that are supported by load balancing rules depend on whether Cloudflare proxies the traffic going through your load balancer or not.
If you use the wrong set of fields, you might see unexpected behaviors. For best results, use the fields associated with your traffic's proxy status.
Also, some Load Balancing rules fields are available on the Expression Builder - as described in Load Balancing expressions - while others can only be configured manually, via API or Expression Editor
Consider the following table to know how the fields available in the Expression Builder are grouped.
Field Set | Section in Expression Builder | Description |
---|---|---|
Fields supported regardless of proxy | BOTH | Values that are always accessible regardless of the load balancer proxy status. |
Proxied-only fields | PROXIED ONLY | Values accessible only when the load balancer is proxied. |
Unproxied-only fields | NON-PROXIED ONLY | Values accessible only when the load balancer is not proxied (DNS-only traffic). |
Regardless of your traffic proxy status, Load Balancing rules can access values for the following fields:
Field | Name in Expression Builder | Description |
---|---|---|
cf.load_balancer.name Bytes | Load Balancer Name | Represents the name of the load balancer executing these rules. Example value:
|
cf.load_balancer.region Bytes | Load Balancer Region | Provides the region name of the data center processing the request. Example value:
|
ip.src IP address | IP Source Address | If proxied, this field provides the client TCP IP address, which may be adjusted to reflect the actual address of the client by using HTTP headers such as If unproxied (DNS-only), this field provides the ECS source address, if available. If not available, it provides the client resolver IP address. Deprecation Warning: In the future, this field will always be set to the client resolver IP address for unproxied requests. To check for the presence of ECS and use the ECS IP, see the fields Example value:
|
If your traffic is proxied through Cloudflare, you have access to all the fields listed under Fields supported regardless of proxy in addition to the following fields:
Many of these fields are referenced from the Rules language documentation.
Field | Name in Expression Builder | Description |
---|---|---|
http.cookie String | (Manual entry only) | Represents the entire cookie as a string. Example value:
|
http.host String | (Manual entry only) | Represents the hostname used in the full request URI. Example value:
|
http.referer String | (Manual entry only) | Represents the HTTP Referer request header, which contains the address of the web page that linked to the currently requested page. Example value:
|
http.request.headers Map<Array<String>> | Header | Represents HTTP request headers as a Map (or associative array). The keys of the associative array are the names of HTTP request headers converted to lowercase. When there are repeating headers, the array includes them in the order they appear in the request. Decoding: no decoding performed
Example:
Example value:
|
http.request.method String | Request Method | Represents the HTTP method, returned as a string of uppercase characters. Example value:
|
http.request.timestamp.sec Integer | Timestamp | Represents the timestamp when Cloudflare received the request, expressed as Unix time in seconds. This value is 10 digits long. Example value:
|
http.request.uri String | URI | Represents the URI path and query string of the request. Example value:
|
http.request.uri.args Map<Array<String>> | (Manual entry only) | Represents the HTTP URI arguments associated with a request as a Map (associative array). When an argument repeats, then the array contains multiple items in the order they appear in the request. The values are not pre-processed and retain the original case used in the request. Decoding: no decoding performed
Example:
Example value:
|
http.request.uri.args.names Array<String> | (Manual entry only) | Represents the names of the arguments in the HTTP URI query string. The names are not pre-processed and retain the original case used in the request. When a name repeats, the array contains multiple items in the order that they appear in the request. Decoding: no decoding performed
Example:
Example value:
|
http.request.uri.args.values Array<String> | (Manual entry only) | Represents the values of arguments in the HTTP URI query string. The values are not pre-processed and retain the original case used in the request. They are in the same order as in the request. Duplicated values are listed multiple times. Decoding: no decoding performed
Example:
Example value:
|
http.request.uri.path String | URI Path | Represents the URI path of the request. Example value:
|
http.request.uri.query String | URI Query | Represents the entire query string, without the Example value:
|
http.request.version String | HTTP Version | Represents the version of the HTTP protocol used. Use this field when you require different checks for different versions. Example Values:
|
If your traffic is not proxied through Cloudflare, you have access to all the fields listed under Fields supported regardless of proxy in addition to the following fields:
Field | Name in Expression Builder | Description |
---|---|---|
dns.qry.name Bytes | Query Name | Represents the query name asked. Example value:
|
dns.qry.name.len Integer | Query Name Length | Represents the length in bytes of the query name. Example value:
|
dns.qry.qu Boolean | Question | When |
dns.qry.type Integer | Query Type | Represents the numeric value of the DNS query type. Example Values:
|
dns.rr.opt.client Boolean | (Manual entry only) | When |
dns.rr.opt.client.addr String | (Manual entry only) | If present, this field represents the ECS address sent with the DNS request. Example value:
|
-
Comparison operators specify how values defined in an expression must relate to the actual HTTP request value for the expression to return true.
-
Logical operators combine two expressions to form a compound expression and use order of precedence to determine how an expression is evaluated.
-
Grouping symbols allow you to organize expressions, enforce operator precedence, and nest expressions.
For examples and usage, refer to Operators and grouping symbols in the Rules language documentation.