Understanding and Configuring Cloudflare Page Rules (Page Rules Tutorial)

Page Rules trigger certain actions whenever a request matches one of the URL patterns you define. Learn to create and edit page rules and understand the different settings available.

This article formerly appeared under the titles Page Rules Tutorial and Is There a Page Rules Tutorial?


You can define a page rule to trigger one or more actions whenever a certain URL pattern is matched. The Page Rules app is available in the Cloudflare dashboard.

Page Rules require an "Orange Clouded" DNS record for your page rule to work. Page Rules won't apply to hostnames that don't exist in DNS or aren't being directed to Cloudflare.

The default number of allowed page rules depends on the domain plan as shown below.

Plan Page rules allowed









You can purchase additional rules (up to a maximum of 100) for domains in the Free, Pro, and Business plans.

Before getting started

It is important to understand two basic Page Rules behaviors:

  • Only the highest priority matching page rule takes effect on a request.
  • Page rules are prioritized in descending order in the Cloudflare dashboard, with the highest priority rule at the top.
Cloudflare recommends ordering your rules from most specific to least specific.

A page rule matches a URL pattern based on the following format (comprised of four segments):


An example URL with these four segments looks like:


The scheme and port segments are optional. If omitted, scheme matches both http:// and https:// protocols. If no port is specified, the rule will match all ports.

Finally, you can disable a page rule at any time. While a rule is disabled, actions won’t trigger but the rule still appears in the Page Rules app, is editable, and counts against the number of rules allowed for your domain. The Save as Draft option creates a page rule that is disabled by default.

Create a page rule

The steps to create a page rule are:

1. Log in to the Cloudflare dashboard.

2. Select the domain where you want to add the page rule.

3. Click the Page Rules app.

4. Under Page Rules, click Create Page Rule. The Create Page Rule for <your domain> dialog opens.

5. Under If the URL matches, enter the URL or URL pattern that should match the rule.Learn more about wildcard matching

6. Next, under Then the settings are: click + Add a Setting and select the desired setting from the dropdown. You can include more than one setting per rule. Learn more about settings in the summary below.

7. In the Order dropdown, specify the desired order: First, Last or Custom.

8. To save, click one of the following options:

  • Save as Draft to save the rule and leave it disabled.
  • Save and Deploy to save the rule and enable it immediately.
Consult Recommended Page Rules to Consider for ideas about the types of page rules you can create.

Edit a page rule

To modify an existing rule:

1. Log in to the Cloudflare dashboard.

2. Select the domain where you want to edit your page rule.

3. Click the Page Rules app.

4. Under Page Rules, locate the rule to edit..

5. Proceed to make the necessary changes, as follows:

  • To enable or disable a rule, click the On/Off toggle.
  • To modify the URL pattern, settings, and order, click the Edit button (wrench icon). In the dialog, enter the information you’d like to change.
  • To remove a rule, click the Delete button (x icon) and confirm by clicking OK in the Confirm dialog.

Understand wildcard matching and referencing

You can use the asterisk (*) in any URL segment to match certain patterns. For example,


Would match:


Helpful tips

  • To match both http and https, just write example.com. It is not necessary to write *.example.com.
  • To match every page on a domain, write example.com/*. Just writing example.com won’t work.

Referencing wildcard matches

You can reference a matched wildcard later using the $X syntax. X indicates the index of a glob pattern. As such, $1 represents the first wildcard match, $2 the second wildcard match, and so on.

This is specifically useful with the Forwarding URL setting. For example:

You could forward:




This rule would match:


which ends up being forwarded to:


To use a literal $ character in the forwarding URL, escape it by adding a backslash (\) in front: \$.

Avoid creating a redirect where the domain points to itself as the destination. This can cause an infinite redirect error and your site cannot be served to visitors.

Summary of Page Rules Settings

Settings control the action Cloudflare takes once a request matches the URL pattern defined in a page rule. You can use settings to enable and disable multiple Cloudflare features across several of the dashboard apps. Note that:

  • Some settings require a Pro, Business or Enterprise domain plan.
  • You can specify more than one setting to apply when the rule triggers.
  • Ports 80, 443, and 8080 are the only ports where Cloudflare Caching is available.

Below is the full list of settings available, presented in the order that they appear in the Cloudflare Page Rules UI.




Always Online

Turn on or off the Always Online feature of the Cloudflare Caching app. Learn more.

Disable this for sections of your site that should never return cached data, such as APIs or payment/cart pages.
  • All

Always Use HTTPS

Turn on or off the Always Use HTTPS feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. If enabled, any http:// URL is converted to https:// through a 301 redirect.

If this option does not appear, you do not have an active Edge Certificate.

  • All

Auto Minify

Indicate which file extensions to minify automatically. Learn more.

  • All

Automatic HTTPS Rewrites

Turn on or off the Cloudflare Automatic HTTPS Rewrites feature of the Edge Certificates tab in Cloudflare SSL/TLS app. Learn more.

  • All

Browser Cache TTL

Control how long resources cached by client browsers remain valid. Learn more.

  • All

Browser Integrity Check

Inspect the visitor's browser for headers commonly associated with spammers and certain bots. Learn more.

  • All

Bypass Cache on Cookie

Bypass Cache and fetch resources from the origin server if a regular expression matches against a cookie name present in the request.

If you add both this setting and the enterprise-only Cache On Cookie setting to the same page rule, Cache On Cookie takes precedence over Bypass Cache on Cookie.

See Additional details below to learn about limited regular expression support.

  • Business
  • Enterprise

Cache By Device Type

Separate cached content based on the visitor’s device type. Learn more.

  • Enterprise

Cache Deception Armor

Protect from web cache deception attacks while still allowing static assets to be cached. This setting verifies that the URL's extension matches the returned Content-TypeLearn more.

  • All

Cache Key

Also referred to as Custom Cache Key.

Control specifically what variables to include when deciding which resources to cache. This allows customers to determine what to cache based on something other than just the URL. Learn more.

To enable custom cache keys in your domain, file a request with Cloudflare Support.

  • Enterprise

Cache Level

Apply custom caching based on the option selected:

Bypass - Cloudflare does not cache.

No Query String - Delivers resources from cache when there is no query string.

Ignore Query String - Delivers the same resource to everyone independent of the query string.

Standard - Caches all static content that has a query string.

Cache Everything -  Treats all content as static and caches all file types beyond the Cloudflare default cached content.  Respects cache headers from the origin web server unless Edge Cache TTL is also set in the Page Rule. When combined with an Edge Cache TTL > 0, Cache Everything removes cookies from the origin web server response. 

  • All

Cache on Cookie

Apply the Cache Everything option (Cache Level setting) based on a regular expression match against a cookie name.

If you add both this setting and Bypass Cache on Cookie to the same page rule, Cache On Cookie takes precedence over Bypass Cache on Cookie.

  • Enterprise

Disable Apps

Turn off all active Cloudflare Apps.

  • All

Disable Performance

Turn off:

  • All

Disable Railgun

Turn off the Railgun feature of the Cloudflare Speed app.

  • Business
  • Enterprise

Disable Security

Turn off:

  • All

Edge Cache TTL

Specify how long to cache a resource in the Cloudflare edge network. Edge Cache TTL only takes effect when included as a setting in a Page Rule that also sets Cache Level to Cache EverythingEdge Cache TTL isn't visible in response headers.  The minimum Edge Cache TTL depends on plan type:

Free - 2 hours
Pro - 1 hour
Business - 30 minutes
Enterprise - 1 second

  • All

Email Obfuscation

Turn on or off the Cloudflare Email Obfuscation feature of the Cloudflare Scrape Shield app. Learn more.

  • All

Forwarding URL

Redirects one URL to another using an HTTP 301/302 redirectSee Understand wildcard matching and referencing above.

  • All

Host Header Override

Apply a specific host header. Learn more.

  • Enterprise

IP Geolocation Header

Cloudflare adds a CF-IPCountry HTTP header containing the country code that corresponds to the visitor.

  • All


Turn on or off Cloudflare Mirage of the Cloudflare Speed app. Learn more.

  • Pro
  • Business
  • Enterprise

Opportunistic Encryption

Turn on or off the Cloudflare Opportunistic Encryption feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. Learn more.

  • All
Origin Cache Control Origin Cache Control is enabled by default for Free, Pro, and Business domains and disabled by default for Enterprise domains.
  • All

Origin Error Page Pass-thru

Turn on or off Cloudflare error pages generated from issues sent from the origin server. If enabled, this setting triggers error pages issued by the origin.

  • Enterprise


Apply options from the Polish feature of the Cloudflare Speed app. Learn more.

  • Pro
  • Business
  • Enterprise

Query String Sort

Turn on or off the reordering of query strings. When query strings have the same structure, caching improves. Learn more.

  • Enterprise

Resolve Override

Change the origin address to the value specified in this setting. Learn more.

  • Enterprise

Respect Strong ETags

Turn on or off byte-for-byte equivalency checks between the Cloudflare cache and the origin server. Learn more.

  • Enterprise

Response Buffering

Turn on or off whether Cloudflare should wait for an entire file from the origin server before forwarding it to the site visitor. By default, Cloudflare sends packets to the client as they arrive from the origin server.

  • Enterprise

Rocket Loader

Turn on or off Cloudflare Rocket Loader in the Cloudflare Speed appLearn more.

  • All

Security Level

Control options for the Security Level feature from the Cloudflare Firewall app. Learn more.

  • All

Server Side Excludes

Turn on or off the Server Side Excludes feature of the Cloudflare Scrape Shield app. Learn more.

  • All


Control options for the SSL feature of the Edge Certificates tab in the Cloudflare SSL/TLS app. Learn more.

  • All

True Client IP Header

Turn on or off the True-Client-IP Header feature of the Cloudflare Network app. Learn more.

  • Enterprise

Web Application Firewall

Turn on or off your Web Application Firewall rules as defined in the Cloudflare Firewall app. Learn more. Learn more.

Individual WAF rules cannot be enabled or disabled via page rules.

  • Pro
  • Business
  • Enterprise

Additional details

Bypass Cache on Cookie setting

This setting is available to business and enterprise customers.

The Bypass Cache on Cookie setting supports basic regular expressions (regex) as follows:

  • A pipe operator (represented by |) to match multiple cookies using OR boolean logic. For example, bypass=.*|PHPSESSID=.* would bypass the cache if either a cookie called bypass or PHPSESSID were set, regardless of the cookie's value.
  • The wildcard operator (represented by .*), such that a rule value of “t.*st=” would match both a cookie called test and one called teeest.

Limitations include:

  • 150 chars per cookie regex
  • 12 wildcards per cookie regex
  • 1 wildcard in between each | in the cookie regex

To learn how to configure Bypass Cache on Cookie with a variety of platforms, review these articles:

Note: If you add both this setting and the enterprise-only Cache On Cookie setting to the same page rule, Cache On Cookie takes precedence over Bypass Cache on Cookie.

Not finding what you need?

95% of questions can be answered using the search tool. This is the quickest way to get a response.