StackPath EdgeRules allows you to customize the way StackPath responds to requests for websites. To make the setup process even easier, the most popular rules are included in single-click presets.
The StackPath preset EdgeRules take effect as soon as StackPath's servers receive the request and are compatible with both CDN and WAF integrations.
These rules will only work with domains that resolve to the StackPath Systems. When using a custom delivery domain, or full site integration, this will require making changes to your DNS records, you can read more here.
Force WWW Connections
The Force WWW Connections Rule redirects every request to a WWW subdomain. This works on all requests towards the StackPath Edge Address and any delivery domains that have been set up. Because of this, this rule is only recommended to redirect the apex domain to your WWW subdomain, assuming both already resolve to the CDN through DNS. It is recommended that this rule to only be used with a Full Site Integration.
This rule will affect the StackPath Edge Address and any subdomains you have set up as delivery domains. This will redirect any assets at h8j6g5r2.stackpathcdn.com to be at www.h8j6g5r2.stackpathcdn.com, when using the Edge Address For integration, preventing anything from loading. Similarly, if you have any custom subdomains in use as delivery domains, cdn.yourdomain.com, for example, will redirect to www.cdn.yourdomain.com and become unusable. You can see more troubleshooting information here.
Allowing Robot.txt files
Disallowing Robot.txt Files
These are Custom Rules which allow you to modify StackPath CDN settings based on a number of factors like Requested URLs, HTTP headers, and more. There are many things that Delivery rules will allow you to do. From redirects to hiding certain headers, this feature allows you to customize the site even further. Feel free to check on the most common uses of Delivery Rules, or reach out to support for help building a custom use-case we didn't mention.
WAF Rules grant you more versatility on who or what can access your site. Depending on the plan you chose you will have a limited amount of free WAF Rules per Stack, and after those are used new rules can be created for $1 Per rule. To see what your plan offers head to our Pricing page
When it comes to WAF Rules you want to be as precise as possible. The more refined your Rule parameters are, the narrower field of traffic the WAF will act on. If the scope of a Block rule is too narrow, this can lead to vulnerabilities, because the Rule does not trigger on all of the desired traffic. Likewise, if the scope of an Allow rule is too wide, the Rule will trigger for more than just the desired traffic, and malicious requests can get through.
Some of the most common things we see customers trying to use this for is blocking countries or allowing certain bots through by adding their User-agent to a whitelist so the WAF will ignore them.
EdgeRules instantly become active as soon as they are enabled. This allows for instant testing and configuration adjustments. Testing in a browser is ideal because this will provide visual feedback to indicate the rules are redirecting properly. A complete integration will automatically cause the desired redirect to the appropriate protocol or subdomain.
The 301 Response Code indicates a permanent redirect, so based on the above example image, the initial request redirects to a secure domain (green lock) which then redirects to an unusable WWW subdomain.
Alternatively, using cURL commands on a Mac OS or Linux terminal will show the desired behavior as well. A cURL command with the -IL options will force the process to follow any 301 redirects and show the response headers through the entire process (as shown above with cURLs towards an Edge Address).
If you have any questions about EdgeRules, StackPath Support is available 24/7 via live chat or ticket.