Page Rules migration guide
Page Rules are now a legacy product. Cloudflare recommends considering our new Rules features for your new implementations. Please follow the recommendations in this migration guide to learn about the new Rules products and how you can start adopting them today.
Page Rules migration
Cloudflare plans to migrate your existing Page Rules during 2025. You do not need to migrate your own rules, as Cloudflare will handle this process for you. However, it is beneficial to understand the correspondence between the different Page Rules settings and new Rules features ahead of the migration. This will help you familiarize yourself with implementing the new types of rules in your Cloudflare account.
We encourage you to explore and start using the new Rules products to take advantage of their enhanced capabilities and features. This migration guide will be updated in the coming months with additional information about the Page Rules migration. Some instructions may also change as we simplify configuration deployment and release new features as part of this project. Cloudflare users will receive email updates about the migration of the Page Rules configured on their Cloudflare account before the migration occurs. We will not perform any migration or changes on your behalf without prior notification.
Context
Cloudflare Page Rules has several fundamental limitations, such as triggering solely based on URL patterns and being limited to 125 rules per zone for performance reasons. These rules are also complex to debug when multiple page rules apply to the same incoming request.
In 2022, we announced in our blog post The future of Page Rules that Page Rules would be replaced with a suite of dedicated products, each built to be best-of-breed and put more power into the hands of our users. The new Rules products — Configuration Rules, Compression Rules, Origin Rules, Redirects, and Transform Rules — are now generally available (GA) and have already been adopted by tens of thousands of Cloudflare customers.
Main differences
New engine: New Rules features are powered by the Ruleset Engine, which offers versatile configuration with a robust language that supports many HTTP request and response fields.
Improved scalability: Thanks to the improved scalability, Cloudflare plans now have increased quotas.
Easier troubleshooting: Rule execution is more predictable, since each rule operates independently, simplifying troubleshooting. Additionally, Cloudflare Trace helps understand rule interactions.
Improved consistency: New Rules features also ensure consistency, with common fields and capabilities shared across products, offering a seamless experience and predictable Terraform configurations.
Convert Page Rules URLs to filter expressions
When migrating a Page Rule you will need to write a filter expression equivalent to your Page Rules URL using the Rules language.
Rule filter expressions are built differently from Page Rules URLs. You can use different elements of the Rules language in a filter expression, including fields, functions, and operators.
Strings in filter expressions do not support wildcards yet. You will need to adapt your Page Rules URLs when migrating them to modern rules. While Enterprise and Business customers can use regular expressions, it will also require adapting the original URLs in your Page Rules to regular expressions.
The following table lists the most common Page Rule URLs and their equivalent filters:
Target and components | Page Rule URL example | Filter expression using Rules language |
---|---|---|
Index page of root domain only (Domain + Path) | example.com/ | http.host eq "example.com" and http.request.uri.path eq "/" |
Everything on a specific domain (Domain) | example.com/* | http.host eq "example.com" |
All subdomains and URLs on a specific domain (Domain) | *example.com/* | http.host contains "example.com" |
Only subdomains and their URLs (Domain) | *.example.com/* | http.host contains ".example.com" |
Specific file on subdomains of a specific domain (Domain + Path) | *.example.com/*wp-login.php | ends_with(http.host, ".example.com") and ends_with(http.request.uri.path, "wp-login.php") |
Specific file extension in a directory or its subdirectories of a domain (Domain + Path) | example.com/archives/*.zip | http.host eq "example.com" and starts_with(http.request.uri.path, "/archives/") and http.request.uri.path.extension eq "zip" |
Specific file extension in any subdirectory of a domain (Domain + Path) | example.com/*/downloads/*.txt | http.host eq "example.com" and not starts_with(http.request.uri.path, "/downloads/") and http.request.uri.path contains "/downloads/" and http.request.uri.path.extension eq "txt" |
Specific directory and all its contents on all subdomains of a specific subdomain (Domain + Path) | *cdn.example.com/file/* | http.request.full_uri contains "cdn.example.com/file/" |
Specific URL on all domains (Path) | */images (required Cloudflare for SaaS) | http.request.uri.path eq "/images" |
Specific directory and its subdirectories on all domains (Path) | */images/* (required Cloudflare for SaaS) | starts_with(http.request.uri.path, "/images/") |
Specific file in any directory (Path) | */wp-login.php (required Cloudflare for SaaS) | ends_with(http.request.uri.path, "/wp-login.php") |
Specific query string on all domains (Path) | */*?country=GB (required Cloudflare for SaaS) | http.request.uri.query eq "country=GB" |
Part of a query string on all domains (Path) | */*?*country=GB* (required Cloudflare for SaaS) | http.request.uri.query contains "country=GB" |
Feature correspondence table
The following table summarizes how different Page Rules settings will be migrated to other Rules features. You can refer to this table and the next sections to learn more about the new way of implementing a given Page Rules setting, and also to learn how you can manually migrate your existing Page Rules.
Page Rules setting | New implementation uses… | Migration/Replacement instructions |
---|---|---|
Always Use HTTPS | Redirect Rules (dynamic redirects) | Migrate Always Use HTTPS |
Auto Minify | N/A (deprecated) | N/A |
Browser Cache TTL | Cache Rules | Migrate Browser Cache TTL |
Browser Integrity Check | Configuration Rules | Migrate Browser Integrity Check |
Bypass Cache on Cookie | Cache Rules | Migrate Bypass Cache on Cookie |
Cache By Device Type | Cache Rules | Migrate Cache By Device Type |
Cache Deception Armor | Cache Rules | Migrate Cache Deception Armor |
Cache Level | Cache Rules | Migrate Cache Level |
Cache on Cookie | Cache Rules | Migrate Cache on Cookie |
Cache TTL by status code | Cache Rules | Migrate Cache TTL by status code |
Custom Cache Key | Cache Rules | Migrate Custom Cache Key |
Disable Apps | Configuration Rules | Migrate Disable Apps |
Disable Performance | N/A (deprecated) | Replace Disable Performance |
Disable Railgun | N/A (deprecated) | N/A |
Disable Security | N/A (deprecated) | Replace Disable Security |
Disable Zaraz | Configuration Rules | Migrate Disable Zaraz |
Edge Cache TTL | Cache Rules | Migrate Edge Cache TTL |
Email Obfuscation | Configuration Rules | Migrate Email Obfuscation |
Forwarding URL | Redirect Rules (dynamic redirects) | Migrate Forwarding URL |
Host Header Override | Origin Rules | Migrate Host Header Override |
IP Geolocation Header | Transform Rules (Managed Transforms) | Migrate IP Geolocation Header |
Mirage | Configuration Rules | Migrate Mirage |
Opportunistic Encryption | Configuration Rules | Migrate Opportunistic Encryption |
Origin Cache Control | Cache Rules | Migrate Origin Cache Control |
Origin Error Page Pass-thru | Cache Rules | Migrate Origin Error Page Pass-thru |
Polish | Configuration Rules | Migrate Polish |
Query String Sort | Cache Rules | Migrate Query String Sort |
Resolve Override | Origin Rules | Migrate Resolve Override |
Respect Strong ETags | Cache Rules | Migrate Respect Strong ETags |
Response Buffering | N/A (deprecated) | N/A |
Rocket Loader | Configuration Rules | Migrate Rocket Loader |
Security Level | Configuration Rules | Migrate Security Level |
True Client IP Header | Transform Rules (Managed Transforms) | Migrate True Client IP Header |
Server Side Excludes | N/A (deprecated) | N/A |
SSL | Configuration Rules | Migrate SSL |
Web Application Firewall | N/A (deprecated) | N/A |
Migrate Always Use HTTPS
Context:
You configured a Page Rule to perform an automatic redirect from HTTP to HTTPS for all subdomains of example.com
and the example.com
domain itself:
- URL
*example.com/*
- Setting: Always Use HTTPS
How to migrate:
Create a dynamic redirect to always redirect HTTP requests to HTTPS for any hostname that contains
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com" AND SSL/HTTPS is off
- Using the Expression Editor:
(http.host contains "example.com" and not ssl)
- Using the Expression Builder:
Then:
- Type: Dynamic
- Expression:
concat("https://", http.host, http.request.uri.path)
- Status code: 301
Turn off your existing Page Rule and validate the behavior of the redirect you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a dynamic redirect |
---|---|
Migrate Automatic HTTPS Rewrites
Context:
You configured a Page Rule turning on Automatic HTTPS Rewrites for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Automatic HTTPS Rewrites
- Value: On
How to migrate:
Create a configuration rule to always rewrite HTTP links to HTTPS for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Automatic HTTPS Rewrites
- Value: On
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Browser Cache TTL
Context:
You configured a Page Rule adjusting browser cache TTL to one day for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Browser Cache TTL
- Enter Browser Cache TTL: a day
How to migrate:
Create a cache rule to adjust browser cache TTL for caching resources in the browser to one day for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Browser TTL: Override origin and use this TTL
- Input time-to-live (TTL): 1 day
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Browser Integrity Check
Context:
You configured a Page Rule turning on Browser Integrity Check for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Browser Integrity Check
- Value: On
How to migrate:
Create a configuration rule to turn on Browser Integrity Check for protecting against bots and threats for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Browser Integrity Check
- Value: On
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Bypass Cache on Cookie
Context:
You configured a Page Rule turning on Bypass Cache on Cookie for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Bypass Cache on Cookie
- Enter value:
test_cookie
How to migrate:
Create a cache rule to bypass cache for requests containing cookie
test_cookie
for any hostname containingexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com" AND Cookie contains "test-cookie"
- Using the Expression Editor:
(http.host contains "example.com" and http.cookie contains "test-cookie")
- Using the Expression Builder:
Then:
- Cache eligibility: Bypass cache
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Cache By Device Type
Context:
You configured a Page Rule turning on Cache By Device Type for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Cache By Device Type
- Value: On
How to migrate:
Create a cache rule to cache content based on user agent or device type for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Cache key
- Cache by device type: On
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Cache Deception Armor
Context:
You configured a Page Rule turning on Cache Deception Armor for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Cache Deception Armor
How to migrate:
Create a cache rule to protect against cache deception attacks for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Cache key
- Cache deception armor: On
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Cache Level (Cache Everything)
Context:
You configured a Page Rule turning on caching of all assets for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Cache Level
- Select Cache Level: Cache Everything
How to migrate:
Create a cache rule to adjust cache level for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Cache on Cookie
Context:
You configured a Page Rule turning on caching for responses that contained cookie test-cookie
for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Cache on Cookie
- Enter value:
test-cookie
How to migrate:
Create a cache rule to cache responses containing cookie
test_cookie
for any hostname containingexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com" AND Cookie contains "test-cookie"
- Using the Expression Editor:
(http.host contains "example.com" and http.cookie contains "test-cookie")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Cache TTL by status code
Context:
You configured a Page Rule turning on caching of every response with status code between 200
and 599
for one day, for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Cache TTL by status code
- Status code or enter range:
200-599
- Select option: a day
How to migrate:
Create a cache rule to cache responses with status code between
200
and599
for one day for any hostname containingexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Edge TTL
- Use cache-control header if present, use default Cloudflare caching behavior if not
- Status code TTL:
- Scope: Range
- From: 200
- To: 599
- Duration: 1 day
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Custom Cache Key
Context:
You configured a Page Rule setting a custom cache key for all query string parameters, for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Custom Cache Key
- Query String: All query string parameters
How to migrate:
Create a cache rule to set a custom cache key for all query string parameters, for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Cache key
- Query string: All query string parameters
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Disable Apps
Context:
You configured a Page Rule turning off Cloudflare Apps (deprecated) for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Disable Apps
How to migrate:
Create a configuration rule to disable Cloudflare Apps (deprecated) for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Disable Apps
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Replace Disable Performance
This Page Rules setting turned off Auto Minify (deprecated), Mirage, Polish, and Rocket Loader. You can still turn on or off relevant Cloudflare features one by one using Configuration Rules.
Context:
You configured a Page Rule with Disable Performance (deprecated) for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Disable Performance
How to replace:
Create a configuration rule to disable Mirage, Polish, and Rocket Loader for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Mirage: Off
- Polish: Off
- Rocket Loader: Off
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Replace Disable Security
This Page Rules setting turns off Email Obfuscation, Rate Limiting (previous version), Scrape Shield, Server Side Excludes, URL (Zone) Lockdown, and WAF managed rules (previous version). You can still turn on or off relevant Cloudflare features one by one using Configuration Rules and WAF custom rules.
Context:
You configured a Page Rule with Disable Security (deprecated) for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Disable Security
This setting turned off a subset of Cloudflare security features: Email Obfuscation, Rate Limiting (previous version), Scrape Shield, Server Side Excludes, URL (Zone) Lockdown, and WAF managed rules (previous version).
How to replace:
Create a configuration rule to turn off one or more security features:
- Email Obfuscation (part of Cloudflare Scrape Shield)
- Server Side Excludes, now deprecated (part of Cloudflare Scrape Shield)
- Hotlink Protection (part of Cloudflare Scrape Shield)
If required, create a WAF exception to skip one or more rules of WAF managed rulesets for requests coming from IP addresses in an allowlist.
Turn off your existing Page Rule and validate the behavior of the rules you created.
If your tests succeed, delete the existing Page Rule.
Migrate Disable Zaraz
Context:
You configured a Page Rule turning off Zaraz for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Disable Zaraz
How to migrate:
Create a configuration rule to turn off Zaraz for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Disable Zaraz
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Edge Cache TTL
Context:
You configured a Page Rule adjusting Edge Cache TTL for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Edge Cache TTL
- Enter Edge Cache TTL: a day
How to migrate:
Create a cache rule to adjust edge cache TTL for caching resources on Cloudflare edge to one day, for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Edge TTL
- Ignore cache-control header and use this TTL
- Input time-to-live (TTL): 1 day
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Email Obfuscation
Context:
You configured a Page Rule turning off Email Obfuscation for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Email Obfuscation
- Value: Off
How to migrate:
Create a configuration rule to turn off Email Obfuscation for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Email Obfuscation
- Value: Off
- Setting: Email Obfuscation
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Forwarding URL
Example #1: Redirect www
to root domain
Context:
You configured a Page Rule permanently redirecting www.example.com
to example.com
on all URI paths:
- URL:
www.example.com/*
- Setting: Forwarding URL
- Select Status code: 301 - Permanent Redirect
- Destination URL:
https://example.com/$1
How to migrate:
Create a dynamic redirect to permanently redirect requests from
www.example.com
toexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname equals "www.example.com"
- Using the Expression Editor:
(http.host eq "www.example.com")
- Using the Expression Builder:
Then:
- Type: Dynamic
- Expression:
concat("https://example.com", http.request.uri.path)
- Status code: 301
Turn off your existing Page Rule and validate the behavior of the redirect you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a dynamic redirect |
---|---|
Example #2: Redirect all pages under old path to new path
Context:
You configured a Page Rule permanently redirecting example.com/old-path
to example.com/new-path
:
- URL:
example.com/old-path/*
- Setting: Forwarding URL
- Select Status code: 301 - Permanent Redirect
- Destination URL:
https://example.com/new-path/$1
How to migrate:
Create a dynamic redirect to permanently redirect requests for
example.com/old-path
toexample.com/new-path
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname equals "example.com" AND URI Path starts with "/old-path/"
- Using the Expression Editor:
(http.host eq "example.com" and starts_with(http.request.uri.path, "/old-path/"))
- Using the Expression Builder:
Then:
- Type: Dynamic
- Expression:
concat("/new-path/", substring(http.request.uri.path, 10))
(where10
(start byte value) is the length of/old-path/
) - Status code: 301
Turn off your existing Page Rule and validate the behavior of the redirect you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a dynamic redirect |
---|---|
Migrate Host Header Override
Context:
You configured a Page Rule changing the Host
HTTP header to example.saas-provider.com
, for all requests addressed at any subdomain of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Host Header Override
- Enter value:
example.saas-provider.com
How to migrate:
Create an origin rule changing the
Host
header toexample.saas-provider.com
for any hostname containingexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Set origin parameters:
- Host Header > Rewrite to:
example.saas-provider.com
- Host Header > Rewrite to:
- Set origin parameters:
Turn off your existing Page Rule and validate the behavior of the origin rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to an origin rule |
---|---|
Migrate IP Geolocation Header
Context:
You configured a Page Rule adding a CF-IPCountry
HTTP header, for all requests addressed at any subdomain of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: IP Geolocation Header
- Value: On
How to migrate:
- Turn on the Add visitor location headers Managed Transform — a Transform Rules feature — to add the
CF-IPCountry
and other location headers to all requests. - Turn off your existing Page Rule and validate the behavior of the Managed Transform.
- If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a Managed Transform |
---|---|
Migrate Mirage
Context:
You configured a Page Rule turning off Mirage for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Mirage
- Value: Off
How to migrate:
Create a configuration rule to turn off Mirage for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Mirage
- Value: Off
- Setting: Mirage
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Opportunistic Encryption
Context:
You configured a Page Rule turning off Opportunistic Encryption for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Opportunistic Encryption
- Value: Off
How to migrate:
Create a configuration rule to turn off Opportunistic Encryption for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Opportunistic Encryption
- Value: Off
- Setting: Opportunistic Encryption
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Origin Cache Control
Context:
You configured a Page Rule turning off Origin Cache Control for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Origin Cache Control
- Value: Off
How to migrate:
Create a cache rule to determine edge cache behavior for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Origin Cache Control
- Enable Origin Cache Control: Off
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Origin Error Page Pass-thru
Context:
You configured a Page Rule turning on Origin Error Page Pass-thru for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Origin Error Page Pass-thru
- Value: On
How to migrate:
Create a cache rule to determine edge cache behavior for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Origin error page pass-thru
- Use Origin error page pass-thru: On
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Polish
Context:
You configured a Page Rule turning off Polish for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Polish
- Value: Off
How to migrate:
Create a configuration rule to turn off Polish for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Polish
- Select value: Off
- Setting: Polish
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Query String Sort
Context:
You configured a Page Rule turning on Query String Sort for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Query String Sort
- Value: On
How to migrate:
Create a cache rule to sort query string parameters for caching purposes, for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Cache key
- Sort query string: On
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Resolve Override
Context:
You configured a Page Rule changing the origin to example.saas-provider.com
, for all requests addressed at any subdomain of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Resolve Override
- Enter value:
example.saas-provider.com
How to migrate:
Create an origin rule overriding the origin to
example.saas-provider.com
for any hostname containingexample.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- DNS Record > Override to:
example.saas-provider.com
- DNS Record > Override to:
Turn off your existing Page Rule and validate the behavior of the origin rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to an origin rule |
---|---|
Migrate Respect Strong ETags
Context:
You configured a Page Rule turning on byte-for-byte equivalency checks for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Respect Strong ETags
- Value: On
How to migrate:
Create a cache rule to respect strong ETags for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then:
- Cache eligibility: Eligible for cache
- Setting: Respect strong ETags
- Use strong ETag headers: On
Turn off your existing Page Rule and validate the behavior of the cache rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a cache rule |
---|---|
Migrate Rocket Loader
Context:
You configured a Page Rule turning off Rocket Loader for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Rocket Loader
- Value: Off
How to migrate:
Create a configuration rule to turn off Rocket Loader for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Rocket Loader
- Value: Off
- Setting: Rocket Loader
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate Security Level
Context:
You configured a Page Rule setting Security Level (deprecated) to I’m Under Attack for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: Security Level
- Select Security Level: I’m Under Attack
How to migrate:
Create a configuration rule to turn on I’m Under Attack mode for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: Security Level
- Select Security Level: I’m Under Attack
- Setting: Security Level
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Migrate True Client IP Header
Context:
You configured a Page Rule adding a True-Client-IP
HTTP header for all requests addressed at any subdomain of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: True Client IP Header
- Value: On
How to migrate:
- Turn on the Add “True-Client-IP” header Managed Transform — a Transform Rules feature — to add the
True-Client-IP
header to all requests. - Turn off your existing Page Rule and validate the behavior of the Managed Transform.
- If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a Managed Transform |
---|---|
Migrate SSL
Context:
You configured a Page Rule setting SSL to Strict for all subdomains of example.com
and the example.com
domain itself:
- URL:
*example.com/*
- Setting: SSL
- Select SSL/TLS encryption mode: Strict
How to migrate:
Create a configuration rule to set SSL to Strict, for any hostname containing
example.com
:When incoming requests match: Custom filter expression
- Using the Expression Builder:
Hostname contains "example.com"
- Using the Expression Editor:
(http.host contains "example.com")
- Using the Expression Builder:
Then the settings are:
- Setting: SSL
- Select SSL/TLS encryption mode: Strict
- Setting: SSL
Turn off your existing Page Rule and validate the behavior of the configuration rule you created.
If your tests succeed, delete the existing Page Rule.
Page Rules configuration | Migrate to a configuration rule |
---|---|
Settings that will not be migrated
The following Page Rules settings will not be migrated to other types of rules:
- Auto Minify (this setting is deprecated)
- Disable Performance (this setting is deprecated)
- Disable Railgun (this setting is deprecated, since Railgun is no longer available)
- Disable Security (this setting is deprecated)
- Response Buffering (this setting is deprecated)
- Server Side Excludes (this setting is deprecated, since Server-side Excludes is deprecated)
- Web Application Firewall (this setting is deprecated, since the previous version of WAF managed rules is deprecated)
All other Page Rules settings will be migrated during 2025.
More resources
If you have feedback to share, refer to our Community thread.