Edge Rules Recipes are designed to get you started with edge rules by providing you with predefined rules for some frequently used cases. Based on the list of frequent use cases with edge rules we have the following list of predefined rules that you can use as a starting point with edge rules usage.
To create a recipe, choose the one you prefer from nested "CREATE RULE" option:

Add CORS Headers
CURL Example Before:
curl -I http://foo.bar.netdna-cdn.com/my/webfont.woff
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 17:59:23 GMT application/font-woff
Content-Length: 43572
Connection: keep-alive
Expires: Wed, 02 Apr 2014 17:59:23 GMT
Cache-Control: max-age=604800
Server: NetDNA-cache/2.2
X-Cache: HIT
CURL Example After:
curl -I http://foo.bar.netdna-cdn.com/my/webfont.woff
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:05:43 GMT application/font-woff
Content-Length: 43572
Connection: keep-alive
Expires: Wed, 02 Apr 2014 18:05:43 GMT
Cache-Control: max-age=604800
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2 X-Cache: HIT
Resulting NGINX Configuration Block:
location ^~ \.(ttf|ttc|otf|eot|woff|font.css|css)$ {add_header Access-Control-Allow-Origin "*"; ... }
Hide X-Powered-By Header
CURL Example Before:
curl -I http://foo.bar.netdna-cdn.com/example.html
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:08:11 GMT
Content-Type: text/html
Content-Length: 43572
Connection: keep-alive
Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT
Server: NetDNA-cache/2.2
Expires: Sat, 21 Mar 2015 18:08:11 GMT
Cache-Control: max-age=31104000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: HIT
X-Powered-By: My-Web-Server
Accept-Ranges: bytes
CURL Example After:
curl -I http://foo.bar.netdna-cdn.com/example.html
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:12:58 GMT
Content-Type: text/html
Content-Length: 43572
Connection: keep-alive
Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT
Server: NetDNA-cache/2.2
expires: Sat, 21 Mar 2015 18:12:58 GMT
Cache-Control: max-age=31104000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: HIT
Accept-Ranges: bytes
Resulting NGINX Configuration Block:
location / {proxy_hide_header X-Powered-By; ... }
Hide Server Header
CURL Example Before:
curl -I http://foo.bar.netdna-cdn.com/file.css
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:15:37 GMT
Content-Type: text/css
Content-Length: 43572
Connection: keep-alive
Last-Modified: Thu, 21 No
Expires: Sat, 21 Mar 2015 18:15:37 GMT
Cache-Control: max-age=31104000
Server: NetDNA-cache/2.2
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: HIT
Accept-Ranges: bytes
CURL Example After:
curl -I http://foo.bar.netdna-cdn.com/file.css
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:15:54 GMT
Content-Type: text/css
Content-Length: 43572
Connection: keep-alive
Last-Modified: Thu, 21 No
Expires: Sat, 21 Mar 2015 18:15:54 GMT
Cache-Control: max-age=31104000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: HIT
Accept-Ranges: bytes
Resulting NGINX Configuration Block:
location / {proxy_hide_header Server; ... }
Hide S3 Headers
CURL Example Before:
curl -I http://foo.bar.netdna-cdn.com/styles/file.css
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:20:15 GMT
Content-Type: text/css
Content-Length: 123456
Connection: keep-alive
Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT
Expires: Sat, 21 Mar 2015 18:20:15 GMT
Cache-Control: max-age=31104000
Vary: Accept-Encoding
x-amz-request-id: 123bc145-b1b2-13b6-bd52-5b6a56eb3c56
Access-Control-Allow-Origin: *
X-Cache: HIT
Accept-Ranges: bytes
CURL Example After:
curl -I http://foo.bar.netdna-cdn.com/styles/file.css
HTTP/1.1 200 OK
Date: Wed, 26 Mar 2014 18:20:43 GMT
Content-Type: text/css
Content-Length: 123456
Connection: keep-alive
Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT
Expires: Sat, 21 Mar 2015 18:20:43 GMT
Cache-Control: max-age=31104000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Cache: HIT
Accept-Ranges: bytes
Resulting NGINX Configuration Block:
location / {
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-meta-s3fox-filesize;
proxy_hide_header x-amz-meta-s3fox-modifiedtime;
proxy_hide_header x-amz-request-id;
...
}
Force HTTPS Connections
CURL Example with HTTP:
~$ curl -I http://foo.bar.netdna-cdn.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Feb 2015 21:24:00 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: https://foo-bar.netdna-ssl.com/
Server: NetDNA-cache/2.2
CURL Example with HTTPS:
~$ curl -I https://123456789012345678901-netdnasa2.netdna-ssl.com/
HTTP/1.1 200 OK
Date: Mon, 09 Feb 2015 21:24:03 GMT
Content-Type: text/html; charset=ISO-8859-1
Connection: keep-alive
Cache-Control: max-age=86400
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
X-Cache: HIT
Resulting NGINX Configuration Block:
location / {
if ($scheme = http) {
rewrite ^ https://$http_host$request_uri permanent;
}
Redirect All Bots
CURL Example Without Bots in Request:
~$ curl -I http://foo.bar.netdna-cdn.com/
HTTP/1.1 200 OK
Date: Mon, 09 Feb 2015 21:33:16 GMT
Content-Type: text/html; charset=ISO-8859-1
Connection: keep-alive
Cache-Control: max-age=86400
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
X-Cache: HIT
CURL Example with Bot in Request:
~$ curl -I http://foo.bar.netdna-cdn.com/ -A "Googlebot"
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Feb 2015 21:36:37 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: http://static.origin.com/
Server: NetDNA-cache/2.2
Resulting NGINX Configuration Block:
location / {
if ($http_user_agent ~* (crawl|Googlebot|Slurp|spider|bingbot|tracker|click|parser|spider)) {
rewrite ^ http://static.origin.com$request_uri permanent;
}
Redirect By Referrer
CURL Example without Referrer:
~$ curl -I http://foo.bar.netdna-cdn.com/
HTTP/1.1 200 OK
Date: Mon, 09 Feb 2015 21:43:51 GMT
Content-Type: text/html; charset=ISO-8859-1
Connection: keep-alive
Cache-Control: max-age=86400
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
X-Cache: HIT
CURL Example with Referrer:
~$ curl -I http://foo.bar.netdna-cdn.com/ --referer http://domain.com
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Feb 2015 21:42:41 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: https://example.com/banned.html
Server: NetDNA-cache/2.2
Resulting NGINX Configuration Block:
location / {
if ($http_referer ~ http://domain.com) {
rewrite ^ https://example.com/banned.html permanent;
}
Redirect By User Agent
CURL Example without User Agent:
~$ curl -I http://foo.bar.netdna-cdn.com/
HTTP/1.1 200 OK
Date: Mon, 09 Feb 2015 21:50:07 GMT
Content-Type: text/html; charset=ISO-8859-1
Connection: keep-alive
Cache-Control: max-age=86400
Vary: Accept-Encoding
Server: NetDNA-cache/2.2
X-Cache: HIT
CURL Example with User Agent:
~$ curl -I http://foo.bar.netdna-cdn.com/ -A "Android"
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Feb 2015 21:50:13 GMT
Content-Type: text/html
Content-Length: 184
Connection: keep-alive
Location: https://example.com/mobile
Server: NetDNA-cache/2.2
Resulting NGINX Configuration Block:
location / {
if ($http_user_agent ~* (Android|iPhone)) {
rewrite ^ https://example.com/mobile permanent;
...
}
X-XSS-Protection
X-XSS-Protection is a HTTP header that provides ability for domains to take OFF or ON XSS filter which prevents XSS related attacks. This headers is understood by Internet Explorer 8 (and newer versions).
IE response with XSS enabled when potential XSS attack is spotted:
Resulting NGINX Configuration Block:
location / {
add_header X-XSS-Protection "1; mode=block";
...
}
Add Canonical Header
This header will set the preferred URL for SEO purpose so that Search Engines treat CDN links same way as corresponding origin URL. So, if http://cdn.domain.com/file.jpg
is listed as the canonical header it will force Search Engines to treat it same as it was corresponding origin URL http://domain.com/file.jpg
.
Resulting NGINX Configuration Block:
location / {
add_header Link "<$scheme://$http_host$request_uri>; rel=\"canonical\"";
...
}
Add X-Robots-Tag
X-Robots-Tag HTTP header provides the ability to control of how specific (or all) pages are being treated by Search Engines (indexed and served in search results). In general, we don't want pages from CDN to be indexed or shown in search results, so this HTTP header can be used to prevent this from happening.
Resulting NGINX Configuration Block:
location ~ \.(?:pdf|htm?l|png|jpe?g|gif)$ {
add_header X-Robots-Tag "noindex";
add_header X-Robots-Tag "googlebot: nofollow";
...
}
X-Robots-Tag values description:
In the X-Robots-Tag header, noindex prevents from showing page(s) in search results and prevents from showing a Cached link in search results. nofollow prevents Google from following links within page(s).
Block By Country
This feature will provide ability to take control over CDN content accessibility on geographical area basis by using country code as a referrer and responding with appropriate status code.
Resulting NGINX Configuration Block:
location / {
if ($geoip_city_country_code = CN) {
return 403;
} ... }
You can find the list of country codes on this page.
Redirect By Country
This feature, similar to "Block By Country", provides ability to treat requests from predefined countries by redirecting accordingly. Following example shows the use case where appropriate CDN content is served based on a country from where the end user loads CDN files, based on a country code.
Resulting NGINX Configuration Block:
location / {
if ($geoip_city_country_code ~* (US|UK)) {
rewrite ^ https://english.$http_host$request_uri$1 permanent;
}... }
You can find the list of country codes on this page.
We hope this article was helpful and as always, If there are any questions or concerns about any of the topics mentioned in this article, please feel free to reach out to support - we are available 24/7 by chat or email!