Regular expressions (REGEX) are used in match conditions for load balancer rules.

Perl Compatible Regular Expressions (PCRE) style REGEX patterns is supported with a few limitations on advanced use cases. When REGEX is used in match conditions, named capturing groups are supported.

REGEX restrictions include:

  • Character unions and intersections are not supported. For example, do not use [a-z[0-9]] and [a-z&&[aeiou]] instead use [a-z0-9] and [aeiou] respectively.
  • Only 9 back references are supported and \1 through \9 can be used to refer to them.
  • Use \0dd format to match octal characters, not the \ddd format.
  • Embedded flags are not supported at the top level, they are only supported within groups. For example, do not use "Case (?i:s)ensitive" instead use "Case ((?i:s)ensitive)".
  • Preprocessing operations \l, \u, \L, \U are not supported. Where \l - lowercase next char \u - uppercase next char \L - lower case until \E \U - upper case to \E.
  • (?(condition)X), (?{code}), (??{Code}) and (?#comment) are not supported.
  • Predefined Unicode character class \X is not supported
  • Using named character construct for Unicode characters is not supported. For example, do not use \N{name} instead use \u2018.

    When REGEX is used in match conditions, named capturing groups are supported. For example, REGEX match pattern /news/(?<year>\d+)-(?<month>\d+)-(?<day>\d+)/(?<article>.*) can be used to match a URI like /news/2018-06-15/news1234.html.

    Then variables are set as follows, $year = "2018" $month = "06" $day = "15" $article = "news1234.html". After the variables are set, these variables can be used in load balancer rule actions. For example, URI can be rewritten using the matched variables like, /news.py?year=$year&month=$month&day=$day&article=$article. Then the URI gets rewritten as /news.py?year=2018&month=06&day=15&article=news1234.html.

    Rewrite actions can use a combination of named capturing groups and built-in variables. For example, URI can be written as /news.py?year=$year&month=$month&day=$day&article=$article&user_ip=$_remote_addr. Then the example URI gets rewritten as /news.py?year=2018&month=06&day=15&article=news1234.html&user_ip=1.1.1.1.

    Note: For named capturing groups, the name cannot start with an _ character.
    In addition to named capturing groups, the following built-in variables can be used in rewrite actions. All the built-in variable names start with _.
    • $_args - arguments from the request
    • $_arg_<name> - argument <name> in the request line
    • $_cookie_<name> - value of <name> cookie
    • $_upstream_cookie_<name> - cookie with the specified name sent by the upstream server in the "Set-Cookie" response header field
    • $_upstream_http_<name> - arbitrary response header field and <name> is the field name converted to lower case with dashes replaced by underscores
    • $_host - in the order of precedence - host name from the request line, or host name from the "Host" request header field, or the server name matching a request
    • $_http_<name> - arbitrary request header field and <name> is the field name converted to lower case with dashes replaced by underscores
    • $_https - "on" if connection operates in SSL mode, or "" otherwise
    • $_is_args - "?" if a request line has arguments, or "" otherwise
    • $_query_string - same as $_args
    • $_remote_addr - client address
    • $_remote_port - client port
    • $_request_uri - full original request URI (with arguments)
    • $_scheme - request scheme, "http" or "https"
    • $_server_addr - address of the server which accepted a request
    • $_server_name - name of the server which accepted a request
    • $_server_port - port of the server which accepted a request
    • $_server_protocol - request protocol, usually "HTTP/1.0" or "HTTP/1.1"
    • $_ssl_client_escaped_cert - returns the client certificate in the PEM format for an established SSL connection.
    • $_ssl_server_name - returns the server name requested through SNI
    • $_uri - URI path in request
    • $_ssl_ciphers: returns the client SSL ciphers
    • $_ssl_client_i_dn: returns the "issuer DN" string of the client certificate for an established SSL connection according to RFC 2253
    • $_ssl_client_s_dn: returns the "subject DN" string of the client certificate for an established SSL connection according to RFC 2253
    • $_ssl_protocol: returns the protocol of an established SSL connection
    • $_ssl_session_reused: returns "r" if an SSL session was reused, or "." otherwise