Configuration Rules settings
You can change the configuration settings described below in a Configuration Rule.
Automatic HTTPS Rewrites
Enable or disable Automatic HTTPS Rewrites 1 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"automatic_https_rewrites"
(boolean).API configuration example
Auto Minify
Select which file extensions to minify automatically using Auto Minify 2. API configuration object name: Refer to Create a Configuration Rule via API for complete API examples.API information
"autominify"
(object).API configuration example
Browser Integrity Check
Enable or disable Browser Integrity Check 3 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"bic"
(boolean).API configuration example
Disable Apps
Disable all active Cloudflare Apps 4 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"disable_apps"
(boolean).API configuration example
Disable Railgun
Disable Cloudflare Railgun 5 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"disable_railgun"
(boolean).API configuration example
Disable Zaraz
Disable Cloudflare Zaraz 6 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"disable_zaraz"
(boolean).API configuration example
Hotlink Protection
Enable or disable Hotlink Protection 7 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"hotlink_protection"
(boolean).API configuration example
Email Obfuscation
Enable or disable Email Obfuscation 8 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"email_obfuscation"
(boolean).API configuration example
Mirage
Enable or disable Mirage 9 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"mirage"
(boolean).API configuration example
Opportunistic Encryption
Enable or disable Opportunistic Encryption 10 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"opportunistic_encryption"
(boolean).API configuration example
Polish
Set Polish 11 compression options for matching requests. API configuration property name: API values: Refer to Create a Configuration Rule via API for complete API examples.API information
"polish"
(string)."off"
, "lossless"
, "lossy"
.API configuration example
Rocket Loader
Enable or disable Rocket Loader 12 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"rocket_loader"
(boolean).API configuration example
Security Level
Select the Security Level 13 for matching requests. API configuration property name: API values: Refer to Create a Configuration Rule via API for complete API examples.API information
"security_level"
(string)."off"
, "essentially_off"
, "low"
, "medium"
, "high"
, "under_attack"
.API configuration example
Server Side Excludes
Enable or disable Server Side Excludes 14 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples.API information
"server_side_excludes"
(boolean).API configuration example
SSL
Select the SSL/TLS encryption mode 15 for matching requests. API configuration property name: API values: Refer to Create a Configuration Rule via API for complete API examples.API information
"ssl"
(string)."off"
, "flexible"
, "full"
, "strict"
, "origin_pull"
.API configuration example
SXG
Enable or disable Signed Exchanges (SXG) 16 for matching requests. API configuration property name: Refer to Create a Configuration Rule via API for complete API examples. Automatic HTTPS Rewrites prevents end users from seeing “mixed content” errors by rewriting URLs from Auto Minify can remove all unnecessary characters from HTML, JavaScript, and CSS files. ↩︎ Browser Integrity Check blocks access to pages based on specific HTTP headers commonly abused by spammers. ↩︎ Cloudflare Apps is a platform for sharing high-quality apps that are easy to use by anyone with a website. ↩︎ Railgun is a WAN optimization technology that compresses previously unreachable web objects using techniques similar to those used in high-quality video compression. ↩︎ Zaraz gives you complete control over third-party tools and services for your website, and allows you to offload them to the Cloudflare global network. ↩︎ Hotlink Protection prevents your images from being used by other sites, potentially reducing the bandwidth consumed by your origin server. ↩︎ Email Obfuscation helps in spam prevention by hiding email addresses appearing in your pages from email harvesters and other bots, while remaining visible to your site visitors. ↩︎ Mirage accelerates image delivery for your visitors based on their device. ↩︎ Opportunistic Encryption allows browsers to access HTTP URIs over an encrypted TLS channel. ↩︎ Cloudflare Polish is a one-click image optimization product that automatically optimizes images in your site. ↩︎ Rocket Loader prioritizes your website’s content (such as text, images, and fonts) by deferring the loading of all your JavaScript code until after rendering. ↩︎ The Security Level controls Managed Challenges for requests from low reputation IP addresses. ↩︎ Server Side Excludes allow you to provide specific pieces of content to real website visitors while hiding that content from suspicious visitors. ↩︎ Encryption modes control the scheme ( Signed exchanges (SXG) is an open standard that makes it possible to cryptographically authenticate the origin of a resource independently of how it is delivered. ↩︎API information
"sxg"
(boolean).API configuration example
http
to https
for resources or links on your website that can be served with HTTPS. ↩︎http://
or https://
) that Cloudflare uses to connect to your origin web server and how SSL certificates presented by your origin will be validated. ↩︎