Optimising Performance with CDN Rules
Use rules engine to redirect HTTP to HTTPS, add security headers, and apply geo-filtering to restrict access to your content from specific countries.
Why Rules Engine Matters
Azure Front Door's rules engine (called Rule sets in Standard/Premium) allows you to intercept and modify HTTP requests and responses at the edge PoP before they are cached or forwarded to the origin. Without a rules engine, you would need to handle tasks like HTTP-to-HTTPS redirects, security response headers, and geo-blocking inside your origin application code — adding latency and coupling security concerns to business logic. Rules at the edge execute faster and reduce origin load.
HTTP to HTTPS Redirect
One of the most common rules engine use cases is enforcing HTTPS. When a client requests your site over HTTP, a redirect rule at the Front Door edge immediately returns a 301 Moved Permanently (or 302 Found) response pointing to the HTTPS URL — without the request ever reaching the origin. This is faster than origin-side redirects and ensures all traffic is encrypted in transit. Configure it as a redirect action on requests where the RequestScheme condition equals HTTP.
// Rules engine rule — redirect HTTP to HTTPS
// Match condition: RequestScheme Equals HTTP
// Action: URL Redirect
// Redirect type: Moved (301)
// Destination protocol: HTTPS
// Destination host: {http.request.host}
// Destination path: {http.request.uri.path}
// Query string: {http.request.uri.querystring}All lessons in this course
- Azure CDN Profiles and Endpoints
- Azure Front Door: Global Load Balancing
- Web Application Firewall on Front Door
- Optimising Performance with CDN Rules