vconf.set Reference¶
The vconf.set action customises Peakhour's request/response handling for specific URLs or conditions defined in a rule. It modifies the system's behaviour for needs such as custom CDN caching, using alternate origins, or altering WAF behaviour.
General¶
Continue on match¶
When enabled, Peakhour continues to process other rules in the same phase even after this rule matches. By default, rule processing stops after the first match in the URL Configuration phase.
Caching¶
Caching Configuration Options
These options configure caching behaviour.
CDN enabled¶
Enables caching of content based on the Cache-Control header.
CDN query mode¶
Controls how query strings affect caching.
| Setting | Description |
|---|---|
| none | Don't cache resources with a query string. |
| full | Cache resources using the full query string. |
| strip | Cache resources but strip the query string. |
Implicit cache TTL¶
Specifies the lifetime (in seconds) of cached objects if no Cache-Control header is present.
CDN skip cookie¶
Skips the CDN for requests with a cookie matching a specified pattern (e.g., SESS*).
CDN remove query args¶
Removes specified query arguments (comma-separated list) from the request path before looking up the resource in the cache.
Cache subkey vars¶
Uses additional variables to construct the cache key.
| Scheme | Description |
|---|---|
| query | Cache key is based on the full query string. |
| header | Cache key is based on the value of a specified request header. |
| cookie | Cache key includes the value of a specified cookie. |
| device_type | Includes device type (e.g., mobile, desktop) in the cache key. |
Cache strip cookies¶
Strips Set-Cookie headers from stored responses and the Cookie header from outgoing requests to potentially cacheable resources.
Cache ignore request cache control¶
Ignores Cache-Control request directives like max-age=0 or no-cache. If a cached response is present, it will always be served.
Edge TTL sec¶
Forces cached resources to be stored for at least a given number of seconds, regardless of origin headers.
Browser TTL sec¶
Overrides the Cache-Control: max-age header sent to the client. A value of 0 prevents client-side caching.
Force cache¶
Forces a resource to be cached even if Cache-Control prohibits it.
Force cache HTML only¶
Forces HTML documents to be cached even if Cache-Control prohibits it.
Cache Collapse¶
Collapses multiple simultaneous requests for the same uncached resource into a single request to the origin. This prevents origin overload during cache stampedes.
Redirection¶
HTTP redirect¶
Specifies the HTTP status code for a redirect.
| Setting | Description |
|---|---|
| 301 | Moved Permanently. |
| 302 | Found (Temporary Redirect). |
| 307 | Temporary Redirect. |
HTTP redirect location¶
The full URL to redirect the client to.
Web Application Firewall (WAF)¶
WAF Configuration Options
These options configure the Web Application Firewall.
Modsecurity mode¶
Specifies how the WAF reacts to security violations.
| Setting | Description |
|---|---|
| none | Disable WAF. |
| enforce | Send an HTTP 403 when a rule is triggered. |
| warn | Log the violation but allow the request to pass. |
Modsecurity removed rules¶
Specifies a list of WAF rule IDs to skip.
Blocklists¶
Specifies a comma-separated list of IP reputation blocklist categories to apply.
Origin Configuration¶
Origin Configuration Options
These options configure origin behaviour.
Load balancing mode¶
Specifies the load balancing mode for origin pools.
| Setting | Description |
|---|---|
| none | No load balancing; requests are sent to the first healthy origin. |
| round-robin | Distributes requests evenly between origins. |
| client-address | Binds a client IP to a particular origin for session persistence. |
Origin pool¶
Specifies the tag of the origin pool to use for the request.
Replace host¶
Specifies the Host header to use for downstream connections to the origin.
Replace path¶
Replaces a segment of the request path. The value should be space-separated, e.g., /old/path /new/path.
Rate Limiting¶
These options configure rate limiting behaviour.
Rate limit mode¶
Specifies when to apply rate limiting.
| Setting | Description |
|---|---|
| none | No rate limiting. |
| vhost | Apply global virtual-host rate limits. |
| zone | Apply rate limiting based on a named zone. |
Rate limit zone¶
Specifies the zone name to rate limit requests against. The Rate limit mode must include zone. For more information on rate limiting strategies, see the Understanding Rate Limiting guide.
HTTP Configuration¶
GZIP¶
Enables or disables GZIP compression of HTTP responses.
Brotli¶
Enables or disables Brotli compression, which often provides better compression than GZIP for text-based assets.
Websockets¶
Enables or disables support for the WebSocket protocol.
Track sessions¶
Sets a session ID cookie to track requests from a client during a single session.
Segment¶
Enables support for Range requests, allowing clients to fetch partial content (e.g., for video streaming).
Transforms¶
Transform Options
Enable resource transform¶
Globally enables or disables processing of responses through the transform server.
Transform option¶
Passes a custom option string to the transform server.
Enable HTML transform¶
Enables transformations on HTML responses, such as minification or script injection.
Inject RUM javascript¶
Injects the Real User Monitoring (RUM) JavaScript beacon onto the page to track browser visits and performance.
Inject Lazysizes¶
Injects the lazysizes.js library to enable lazy loading of images.
Rewrite HTTP links¶
Automatically rewrites http:// links to https:// in HTML responses to fix mixed content issues.
Use HTML image dimensions to resize images¶
Uses the width and height attributes of <img> tags in HTML to automatically add resizing query arguments to the image src.
Process ESI tags¶
Enables Edge Side Includes (ESI) processing for HTML responses.
Cache ESI transforms¶
Caches the result of ESI transformations.
Bot Guard¶
Bot JS injection¶
Enables or disables the injection of JavaScript for advanced bot mitigation.
Bot Block List¶
Selects a list of bots (by user-agent) to block. This can be inverted to function as an allow list.
Bot Block Invert¶
When enabled, blocks bots that are not in the Bot Block List. This effectively turns the block list into an allow list.
Bot RDNS Verification¶
Verifies bots against their published reverse DNS records to prevent user-agent spoofing.