Cloudflare Docs
Edit this page
Report an issue with this page
Log into the Cloudflare dashboard
Set theme to dark (⇧+D)

Available settings

The following sections describe the available settings in Origin Rules.

​​ Host header

Allows you to rewrite the HTTP Host header of incoming requests.

A common use case for this functionality is when your content is hosted on a third-party server that only accepts Host headers with their own server names. In this situation, you must update the Host HTTP header in incoming requests from Host: to Host:

​​ Server Name Indication (SNI)

Allows you to override the Server Name Indication (SNI) 1 value of a request. For more information, refer to What is SNI (Server Name Indication)? in the Learning Center.

The new SNI value must be a valid hostname on the same Cloudflare account (possibly on a different zone).

​​ DNS record

Allows you to override the resolved hostname of incoming requests. This functionality is also known as resolve override.

A common use case is when you are serving an application from the URI (for example, In this case, the app may be hosted on a different server or by a third party. A DNS record override allows you to redirect requests to this endpoint to the server for that third-party application.

You must specify a valid hostname in a DNS record override that is a hostname on the same Cloudflare account (possibly on a different zone).

You can configure a DNS record (a CNAME, A, or AAAA record) with a hostname pointing to a third-party hostname/IP address, either proxied by Cloudflare or not.

The following example DNS records configure a hostname pointing to an external hostname and IP address using a CNAME record and an A record, respectively:

Example CNAME record

  • Type: CNAME
  • Name:
  • Target:
  • TTL: Auto
  • Proxy status: Proxied (orange cloud icon)

Example A record

  • Type: A
  • Name:
  • IPv4 address:
  • TTL: Auto
  • Proxy status: Proxied (orange cloud icon)

​​ Destination port

Allows you to override the destination port of a request.

When you configure a destination port override, you can redirect incoming requests to a different port. For example, you could override the destination port for requests received for so that they are served by the application running on port 9000 (

The destination port must be between 1 and 65,535.

  1. SNI allows a server to host multiple TLS Certificates for multiple websites using a single IP address. SNI adds the website hostname in the TLS handshake to inform the server which website to present when using shared IPs. ↩︎