Available settings
The following sections describe the available settings in Origin Rules.
Host header
Allows you to rewrite the HTTP Host
header of incoming requests.
A common use case for this functionality is when your content is hosted on a third-party server that only accepts Host
headers with their own server names. In this situation, you must update the Host
HTTP header in incoming requests from Host: example.com
to Host: thirdpartyserver.example.net
.
Server Name Indication (SNI)
Allows you to override the Server Name Indication (SNI) 1 value of a request. For more information, refer to What is SNI (Server Name Indication)? in the Learning Center.
The new SNI value must be a valid hostname on the same Cloudflare account (possibly on a different zone).
DNS record
Allows you to override the resolved hostname of incoming requests. This functionality is also known as resolve override.
A common use case is when you are serving an application from the URI (for example, mydomain.com/app
). In this case, the app
may be hosted on a different server or by a third party. A DNS record override allows you to redirect requests to this endpoint to the server for that third-party application.
You must specify a valid hostname in a DNS record override that is a hostname on the same Cloudflare account (possibly on a different zone).
You can configure a DNS record (a CNAME
, A
, or AAAA
record) with a hostname pointing to a third-party hostname/IP address, either proxied by Cloudflare or not.
The following example DNS records configure a resolve.example.com
hostname pointing to an external hostname and IP address using a CNAME
record and an A
record, respectively:
Example CNAME
record
- Type: CNAME
- Name:
resolve.example.com
- Target:
domain.s3.amazonaws.com
- TTL:
Auto
- Proxy status: Proxied (orange cloud icon)
Example A
record
- Type: A
- Name:
resolve.example.com
- IPv4 address:
203.0.113.1
- TTL:
Auto
- Proxy status: Proxied (orange cloud icon)
Destination port
Allows you to override the destination port of a request.
When you configure a destination port override, you can redirect incoming requests to a different port. For example, you could override the destination port for requests received for mydomain.com
so that they are served by the application running on port 9000 (mydomain.com:9000
).
The destination port must be between 1 and 65,535. SNI allows a server to host multiple TLS Certificates for multiple websites using a single IP address. SNI adds the website hostname in the TLS handshake to inform the server which website to present when using shared IPs. ↩︎