Edge Rules Recipes are designed to get you started with edge rules
by providing you with predefined rules for some frequently used
cases. Based on the list of frequent use cases with edge rules we
have the following list of predefined rules that you can use as a
starting point with edge rules usage.

To create a recipe, choose the one you prefer from nested “CREATE
RULE” option:

  1. Add CORS
    headers

    • CURL Example Before
    curl -I http://foo.bar.netdna-cdn.com/my/webfont.woff
    HTTP/1.1 200 OK 
    Date: Wed, 26 Mar 2014 17:59:23 GMT application/font-woff 
    Content-Length: 43572 
    Connection: keep-alive 
    Expires: Wed, 02 Apr 2014 17:59:23 GMT 
    Cache-Control: max-age=604800 
    Server: NetDNA-cache/2.2 
    X-Cache: HIT 
  2. CURL Example After
    curl -I http://foo.bar.netdna-cdn.com/my/webfont.woff
    HTTP/1.1 200 OK 
    Date: Wed, 26 Mar 2014 18:05:43 GMT application/font-woff 
    Content-Length: 43572 
    Connection: keep-alive 
    Expires: Wed, 02 Apr 2014 18:05:43 GMT 
    Cache-Control: max-age=604800 
    Access-Control-Allow-Origin: * 
    Server: NetDNA-cache/2.2 X-Cache: HIT 
  3. Resulting NGINX Configuration
    Block

    location ^~ \.(ttf|ttc|otf|eot|woff|font.css|css)$ {add_header Access-Control-Allow-Origin "*"; ... } 
  4. Hide
    X-Powered-By header

    • CURL Example Before
    curl -I http://foo.bar.netdna-cdn.com/example.html
    HTTP/1.1 200 OK 
    Date: Wed, 26 Mar 2014 18:08:11 GMT 
    Content-Type: text/html 
    Content-Length: 43572 
    Connection: keep-alive 
    Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT 
    Server: NetDNA-cache/2.2 
    Expires: Sat, 21 Mar 2015 18:08:11 GMT 
    Cache-Control: max-age=31104000 
    Vary: Accept-Encoding 
    Access-Control-Allow-Origin: * 
    X-Cache: HIT 
    X-Powered-By: My-Web-Server 
    Accept-Ranges: bytes 
  5. CURL Example After
    curl -I http://foo.bar.netdna-cdn.com/example.html
    HTTP/1.1 200 OK 
    Date: Wed, 26 Mar 2014 18:12:58 GMT 
    Content-Type: text/html 
    Content-Length: 43572 
    Connection: keep-alive 
    Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT 
    Server: NetDNA-cache/2.2 
    expires: Sat, 21 Mar 2015 18:12:58 GMT 
    Cache-Control: max-age=31104000 
    Vary: Accept-Encoding 
    Access-Control-Allow-Origin: * 
    X-Cache: HIT 
    Accept-Ranges: bytes 
  6. Resulting NGINX Configuration
    Block

    location / {proxy_hide_header X-Powered-By; ... } 
  7. Hide
    Server header

    • CURL Example Before
      curl -I http://foo.bar.netdna-cdn.com/file.css
      HTTP/1.1 200 OK 
      Date: Wed, 26 Mar 2014 18:15:37 GMT 
      Content-Type: text/css 
      Content-Length: 43572 
      Connection: keep-alive 
      Last-Modified: Thu, 21 No
      Expires: Sat, 21 Mar 2015 18:15:37 GMT 
      Cache-Control: max-age=31104000 
      Server: NetDNA-cache/2.2 
      Vary: Accept-Encoding 
      Access-Control-Allow-Origin: * 
      X-Cache: HIT 
      Accept-Ranges: bytes 
    • CURL Example After
      curl -I http://foo.bar.netdna-cdn.com/file.css
      HTTP/1.1 200 OK 
      Date: Wed, 26 Mar 2014 18:15:54 GMT 
      Content-Type: text/css 
      Content-Length: 43572 
      Connection: keep-alive 
      Last-Modified: Thu, 21 No
      Expires: Sat, 21 Mar 2015 18:15:54 GMT 
      Cache-Control: max-age=31104000 
      Vary: Accept-Encoding 
      Access-Control-Allow-Origin: * 
      X-Cache: HIT 
      Accept-Ranges: bytes 
    • Resulting NGINX Configuration
      Block

      location / {proxy_hide_header Server; ... } 
  8. Hide S3
    Headers

    • CURL Example Before
      curl -I http://foo.bar.netdna-cdn.com/styles/file.css
      HTTP/1.1 200 OK 
      Date: Wed, 26 Mar 2014 18:20:15 GMT 
      Content-Type: text/css 
      Content-Length: 123456 
      Connection: keep-alive 
      Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT 
      Expires: Sat, 21 Mar 2015 18:20:15 GMT 
      Cache-Control: max-age=31104000 
      Vary: Accept-Encoding 
      x-amz-request-id: 123bc145-b1b2-13b6-bd52-5b6a56eb3c56 
      Access-Control-Allow-Origin: * 
      X-Cache: HIT 
      Accept-Ranges: bytes 
    • CURL Example After
      curl -I http://foo.bar.netdna-cdn.com/styles/file.css
      HTTP/1.1 200 OK 
      Date: Wed, 26 Mar 2014 18:20:43 GMT 
      Content-Type: text/css 
      Content-Length: 123456 
      Connection: keep-alive 
      Last-Modified: Thu, 21 Nov 2013 00:43:25 GMT 
      Expires: Sat, 21 Mar 2015 18:20:43 GMT 
      Cache-Control: max-age=31104000 
      Vary: Accept-Encoding 
      Access-Control-Allow-Origin: * 
      X-Cache: HIT 
      Accept-Ranges: bytes 
    • Resulting NGINX Configuration
      Block

      location / {
      		proxy_hide_header x-amz-id-2;
      		proxy_hide_header x-amz-meta-s3fox-filesize;
      		proxy_hide_header x-amz-meta-s3fox-modifiedtime;
      		proxy_hide_header x-amz-request-id;
      ...
      } 
  9. Force HTTPS
    Connections

    • CURL Example with HTTP
      ~$ curl -I http://foo.bar.netdna-cdn.com/
      HTTP/1.1 301 Moved Permanently
      Date: Mon, 09 Feb 2015 21:24:00 GMT
      Content-Type: text/html
      Content-Length: 184
      Connection: keep-alive
      Location: https://foo-bar.netdna-ssl.com/
      Server: NetDNA-cache/2.2
       
    • CURL Example with HTTPS
      ~$ curl -I https://123456789012345678901-netdnasa2.netdna-ssl.com/
      HTTP/1.1 200 OK
      Date: Mon, 09 Feb 2015 21:24:03 GMT
      Content-Type: text/html; charset=ISO-8859-1
      Connection: keep-alive
      Cache-Control: max-age=86400
      Vary: Accept-Encoding
      Server: NetDNA-cache/2.2
      X-Cache: HIT
       
    • Resulting NGINX Configuration
      Block

      location / {
      		if ($scheme = http) {                                  
      			rewrite ^ https://$http_host$request_uri permanent;
      		} 
  10. Redirect All Bots

    • CURL Example Wihtout Bots in Request
      ~$ curl -I http://foo.bar.netdna-cdn.com/ 
      HTTP/1.1 200 OK
      Date: Mon, 09 Feb 2015 21:33:16 GMT
      Content-Type: text/html; charset=ISO-8859-1
      Connection: keep-alive
      Cache-Control: max-age=86400
      Vary: Accept-Encoding
      Server: NetDNA-cache/2.2
      X-Cache: HIT 
    • CURL Example with Bot in Request
      ~$ curl -I http://foo.bar.netdna-cdn.com/ -A "Googlebot"
      HTTP/1.1 301 Moved Permanently
      Date: Mon, 09 Feb 2015 21:36:37 GMT
      Content-Type: text/html
      Content-Length: 184
      Connection: keep-alive
      Location: http://static.origin.com/
      Server: NetDNA-cache/2.2 
    • Resulting NGINX Configuration
      Block

      location / {
      		if ($http_user_agent ~* (crawl|Googlebot|Slurp|spider|bingbot|tracker|click|parser|spider)) {                                  
      			rewrite ^ http://static.origin.com$request_uri permanent;
      		} 
  11. Redirect By Referrer

    • CURL Example without Referrer
      ~$ curl -I http://foo.bar.netdna-cdn.com/
      HTTP/1.1 200 OK
      Date: Mon, 09 Feb 2015 21:43:51 GMT
      Content-Type: text/html; charset=ISO-8859-1
      Connection: keep-alive
      Cache-Control: max-age=86400
      Vary: Accept-Encoding
      Server: NetDNA-cache/2.2
      X-Cache: HIT
       
    • CURL Example with Referrer
      ~$ curl -I http://foo.bar.netdna-cdn.com/ --referer http://domain.com
      HTTP/1.1 301 Moved Permanently
      Date: Mon, 09 Feb 2015 21:42:41 GMT
      Content-Type: text/html
      Content-Length: 184
      Connection: keep-alive
      Location: https://example.com/banned.html
      Server: NetDNA-cache/2.2
      
    • Resulting NGINX Configuration Block
      location / {
      		if ($http_referer ~ http://domain.com) {                                  
      			rewrite ^ https://example.com/banned.html permanent;
      		} 
  12. Redirect By
    User Agent

    • CURL Example wihtout User Agent
      ~$ curl -I http://foo.bar.netdna-cdn.com/
      HTTP/1.1 200 OK
      Date: Mon, 09 Feb 2015 21:50:07 GMT
      Content-Type: text/html; charset=ISO-8859-1
      Connection: keep-alive
      Cache-Control: max-age=86400
      Vary: Accept-Encoding
      Server: NetDNA-cache/2.2
      X-Cache: HIT
    • CURL Example with User Agent
      ~$ curl -I http://foo.bar.netdna-cdn.com/ -A "Android"
      HTTP/1.1 301 Moved Permanently
      Date: Mon, 09 Feb 2015 21:50:13 GMT
      Content-Type: text/html
      Content-Length: 184
      Connection: keep-alive
      Location: https://example.com/mobile
      Server: NetDNA-cache/2.2
      
    • Resulting NGINX Configuration
      Block

      location / {
      		if ($http_user_agent ~* (Android|iPhone)) {                                  
      			rewrite ^ https://example.com/mobile permanent;
      ...
      		} 
  13. X-XSS-Protection
    X-XSS-Protection is a HTTP header that provides ability for
    domains to take OFF or ON XSS filter which prevents XSS related
    attacks. This headers is understood by Internet Explorer 8 (and
    newer versions).

    • IE response with XSS enabled when
      potential XSS attack is spotted:

    • Resulting NGINX Configuration
      Block

      location / {
      		add_header X-XSS-Protection "1; mode=block";
      ... 
      } 
  14. Add
    Canonical Header

    This header will set the preferred URL for SEO purpose so that Search Engines treat CDN links same way as corresponding origin URL. So, if you have http://cdn.domain.com/file.jpg canonical header will force Search Engines to treat it same as it was corresponding origin URL http://domain.com/file.jpg.

    • Resulting NGINX Configuration
      Block

      location / {                        
      		add_header Link "<$scheme://$http_host$request_uri>; rel=\"canonical\"";
      ... 
      } 
  15. Add
    X-Robots-Tag

    X-Robots-Tag HTTP header provides the ability to control of how specific (or all) pages are being treated by Search Engines (indexed and served in search results). In general, you don’t want pages from CDN to be indexed or shown in search results so, you can use this HTTP header to prevent this from happening.

    • Resulting NGINX Configuration
      Block

      location ~ \.(?:pdf|htm?l|png|jpe?g|gif)$ {                          
      		add_header X-Robots-Tag "noindex";
      		add_header X-Robots-Tag "googlebot: nofollow";
      ...
      }
    • X-Robots-Tag values description
      noindex prevents from showing page(s) in search results and prevents from showing a Cached link in search results.
      nofollow prevents Google from following links within page(s).
  16. Block By
    Country

    This feature will provide ability to take control over CDN content accessibility on geographical area basis by using country code as a referrer and responding with appropriate status code.

    • Resulting NGINX Configuration
      Block

      location / {
      		if ($geoip_city_country_code = CN) {                                  
      			return 403;
      		} ... } 
    • You can find the list of country codes on this page.
  17. Redirect By Country
    This feature, similar to “Block By Country”, provides ability to treat requests from predefined countries by redirecting accordingly. Following example shows the use case where appropriate CDN content is served based on a country from where the end user loads CDN files, based on a country code.

    • Resulting NGINX Configuration
      Block

      location / {
      		if ($geoip_city_country_code ~* (US|UK)) {                                  
      			rewrite ^ https://english.$http_host$request_uri$1 permanent;
      		}... } 
    • You can find the list of country codes on this page.