API Reference
Core Platform API
- Overview
- Errors
- GETList Pull Zones
- POSTAdd Pull Zone
- GETGet Pull Zone
- POSTUpdate Pull Zone
- DELDelete Pull Zone
- GETGet Origin Shield Queue Statistics
- GETGet SafeHop Statistics
- GETGet Optimizer Statistics
- GETLoad Free Certificate
- POSTAdd/Update Edge Rule
- POSTSet Edge Rule Enabled
- POSTChange hostname private key type
- POSTPurge Cache
- POSTCheck the pull zone availability
- POSTAdd Custom Certificate
- POSTAdd Custom Hostname
- POSTSet Force SSL
- POSTReset Token Key
- POSTAdd Allowed Referer
- POSTRemove Allowed Referer
- POSTAdd Blocked Referer
- POSTRemove Blocked Referer
- POSTAdd Blocked IP
- POSTRemove Blocked IP
- DELDelete Edge Rule
- DELRemove Certificate
- DELRemove Custom Hostname
- GET
Origin Errors API
Storage API
Stream API
Shield API
Edge Scripting API
curl --request POST \
--url https://api.bunny.net/pullzone \
--header 'AccessKey: <api-key>' \
--header 'Content-Type: application/json' \
--data '
{
"PreloadingScreenShowOnFirstVisit": true,
"Name": "<string>",
"OriginUrl": "<string>",
"AllowedReferrers": [
"<string>"
],
"BlockedReferrers": [
"<string>"
],
"BlockNoneReferrer": true,
"BlockedIps": [
"<string>"
],
"EnableGeoZoneUS": true,
"EnableGeoZoneEU": true,
"EnableGeoZoneASIA": true,
"EnableGeoZoneSA": true,
"EnableGeoZoneAF": true,
"BlockRootPathAccess": true,
"BlockPostRequests": true,
"EnableQueryStringOrdering": true,
"EnableWebpVary": true,
"EnableAvifVary": true,
"EnableMobileVary": true,
"EnableCountryCodeVary": true,
"EnableCountryStateCodeVary": true,
"EnableHostnameVary": true,
"EnableCacheSlice": true,
"ZoneSecurityEnabled": true,
"ZoneSecurityIncludeHashRemoteIP": true,
"IgnoreQueryStrings": true,
"MonthlyBandwidthLimit": 123,
"AccessControlOriginHeaderExtensions": [
"<string>"
],
"EnableAccessControlOriginHeader": true,
"DisableCookies": true,
"BudgetRedirectedCountries": [
"<string>"
],
"BlockedCountries": [
"<string>"
],
"CacheControlMaxAgeOverride": 123,
"CacheControlPublicMaxAgeOverride": 123,
"CacheControlBrowserMaxAgeOverride": 123,
"AddHostHeader": true,
"AddCanonicalHeader": true,
"EnableLogging": true,
"LoggingIPAnonymizationEnabled": true,
"PermaCacheStorageZoneId": 123,
"PermaCacheType": "Automatic",
"AWSSigningEnabled": true,
"AWSSigningKey": "<string>",
"AWSSigningRegionName": "<string>",
"AWSSigningSecret": "<string>",
"EnableOriginShield": true,
"OriginShieldZoneCode": "<string>",
"EnableTLS1": true,
"EnableTLS1_1": true,
"CacheErrorResponses": true,
"VerifyOriginSSL": true,
"LogForwardingEnabled": true,
"LogForwardingHostname": "<string>",
"LogForwardingPort": 123,
"LogForwardingToken": "<string>",
"LogForwardingProtocol": "UDP",
"LoggingSaveToStorage": true,
"LoggingStorageZoneId": 123,
"FollowRedirects": true,
"ConnectionLimitPerIPCount": 123,
"RequestLimit": 123,
"LimitRateAfter": 123,
"LimitRatePerSecond": 123,
"BurstSize": 123,
"ErrorPageEnableCustomCode": true,
"ErrorPageCustomCode": "<string>",
"ErrorPageEnableStatuspageWidget": true,
"ErrorPageStatuspageCode": "<string>",
"ErrorPageWhitelabel": true,
"OptimizerEnabled": true,
"OptimizerTunnelEnabled": true,
"OptimizerDesktopMaxWidth": 2500,
"OptimizerMobileMaxWidth": 2500,
"OptimizerImageQuality": 50,
"OptimizerMobileImageQuality": 50,
"OptimizerEnableWebP": true,
"OptimizerPrerenderHtml": true,
"OptimizerEnableManipulationEngine": true,
"OptimizerMinifyCSS": true,
"OptimizerMinifyJavaScript": true,
"OptimizerWatermarkEnabled": true,
"OptimizerWatermarkUrl": "<string>",
"OptimizerWatermarkPosition": 0,
"OptimizerWatermarkOffset": 123,
"OptimizerWatermarkMinImageSize": 123,
"OptimizerAutomaticOptimizationEnabled": true,
"OptimizerClasses": [
{
"Name": "<string>",
"Properties": {}
}
],
"OptimizerForceClasses": true,
"OptimizerStaticHtmlWordPressPath": "<string>",
"OptimizerStaticHtmlWordPressBypassCookie": "<string>",
"Type": "Premium",
"OriginRetries": 123,
"OriginConnectTimeout": 123,
"OriginResponseTimeout": 123,
"UseStaleWhileUpdating": true,
"UseStaleWhileOffline": true,
"OriginRetry5XXResponses": true,
"OriginRetryConnectionTimeout": true,
"OriginRetryResponseTimeout": true,
"OriginRetryDelay": 123,
"DnsOriginPort": 123,
"DnsOriginScheme": "<string>",
"QueryStringVaryParameters": [
"<string>"
],
"OriginShieldEnableConcurrencyLimit": true,
"OriginShieldMaxConcurrentRequests": 5000,
"EnableCookieVary": true,
"CookieVaryParameters": [
"<string>"
],
"EnableSafeHop": true,
"OriginShieldQueueMaxWaitTime": 123,
"OriginShieldMaxQueuedRequests": 15000,
"UseBackgroundUpdate": true,
"EnableAutoSSL": true,
"LogAnonymizationType": "OneDigit",
"StorageZoneId": 123,
"EdgeScriptId": 123,
"MiddlewareScriptId": 123,
"EdgeScriptExecutionPhase": "Cache",
"OriginType": "OriginUrl",
"MagicContainersAppId": "<string>",
"MagicContainersEndpointId": "<string>",
"LogFormat": "Plain",
"LogForwardingFormat": "Plain",
"ShieldDDosProtectionType": "DetectOnly",
"ShieldDDosProtectionEnabled": true,
"OriginHostHeader": "<string>",
"EnableSmartCache": true,
"EnableRequestCoalescing": true,
"RequestCoalescingTimeout": 123,
"DisableLetsEncrypt": true,
"EnableBunnyImageAi": true,
"BunnyAiImageBlueprints": [
{
"Name": "<string>",
"Properties": {}
}
],
"PreloadingScreenEnabled": true,
"PreloadingScreenCode": "<string>",
"PreloadingScreenLogoUrl": "<string>",
"PreloadingScreenTheme": "Light",
"PreloadingScreenCodeEnabled": true,
"PreloadingScreenDelay": 5000,
"RoutingFilters": [
"<string>"
],
"StickySessionType": "Off",
"StickySessionCookieName": "<string>",
"StickySessionClientHeaders": "<string>",
"OptimizerEnableUpscaling": true,
"EnableWebSockets": true,
"MaxWebSocketConnections": 123
}
'Add Pull Zone
curl --request POST \
--url https://api.bunny.net/pullzone \
--header 'AccessKey: <api-key>' \
--header 'Content-Type: application/json' \
--data '
{
"PreloadingScreenShowOnFirstVisit": true,
"Name": "<string>",
"OriginUrl": "<string>",
"AllowedReferrers": [
"<string>"
],
"BlockedReferrers": [
"<string>"
],
"BlockNoneReferrer": true,
"BlockedIps": [
"<string>"
],
"EnableGeoZoneUS": true,
"EnableGeoZoneEU": true,
"EnableGeoZoneASIA": true,
"EnableGeoZoneSA": true,
"EnableGeoZoneAF": true,
"BlockRootPathAccess": true,
"BlockPostRequests": true,
"EnableQueryStringOrdering": true,
"EnableWebpVary": true,
"EnableAvifVary": true,
"EnableMobileVary": true,
"EnableCountryCodeVary": true,
"EnableCountryStateCodeVary": true,
"EnableHostnameVary": true,
"EnableCacheSlice": true,
"ZoneSecurityEnabled": true,
"ZoneSecurityIncludeHashRemoteIP": true,
"IgnoreQueryStrings": true,
"MonthlyBandwidthLimit": 123,
"AccessControlOriginHeaderExtensions": [
"<string>"
],
"EnableAccessControlOriginHeader": true,
"DisableCookies": true,
"BudgetRedirectedCountries": [
"<string>"
],
"BlockedCountries": [
"<string>"
],
"CacheControlMaxAgeOverride": 123,
"CacheControlPublicMaxAgeOverride": 123,
"CacheControlBrowserMaxAgeOverride": 123,
"AddHostHeader": true,
"AddCanonicalHeader": true,
"EnableLogging": true,
"LoggingIPAnonymizationEnabled": true,
"PermaCacheStorageZoneId": 123,
"PermaCacheType": "Automatic",
"AWSSigningEnabled": true,
"AWSSigningKey": "<string>",
"AWSSigningRegionName": "<string>",
"AWSSigningSecret": "<string>",
"EnableOriginShield": true,
"OriginShieldZoneCode": "<string>",
"EnableTLS1": true,
"EnableTLS1_1": true,
"CacheErrorResponses": true,
"VerifyOriginSSL": true,
"LogForwardingEnabled": true,
"LogForwardingHostname": "<string>",
"LogForwardingPort": 123,
"LogForwardingToken": "<string>",
"LogForwardingProtocol": "UDP",
"LoggingSaveToStorage": true,
"LoggingStorageZoneId": 123,
"FollowRedirects": true,
"ConnectionLimitPerIPCount": 123,
"RequestLimit": 123,
"LimitRateAfter": 123,
"LimitRatePerSecond": 123,
"BurstSize": 123,
"ErrorPageEnableCustomCode": true,
"ErrorPageCustomCode": "<string>",
"ErrorPageEnableStatuspageWidget": true,
"ErrorPageStatuspageCode": "<string>",
"ErrorPageWhitelabel": true,
"OptimizerEnabled": true,
"OptimizerTunnelEnabled": true,
"OptimizerDesktopMaxWidth": 2500,
"OptimizerMobileMaxWidth": 2500,
"OptimizerImageQuality": 50,
"OptimizerMobileImageQuality": 50,
"OptimizerEnableWebP": true,
"OptimizerPrerenderHtml": true,
"OptimizerEnableManipulationEngine": true,
"OptimizerMinifyCSS": true,
"OptimizerMinifyJavaScript": true,
"OptimizerWatermarkEnabled": true,
"OptimizerWatermarkUrl": "<string>",
"OptimizerWatermarkPosition": 0,
"OptimizerWatermarkOffset": 123,
"OptimizerWatermarkMinImageSize": 123,
"OptimizerAutomaticOptimizationEnabled": true,
"OptimizerClasses": [
{
"Name": "<string>",
"Properties": {}
}
],
"OptimizerForceClasses": true,
"OptimizerStaticHtmlWordPressPath": "<string>",
"OptimizerStaticHtmlWordPressBypassCookie": "<string>",
"Type": "Premium",
"OriginRetries": 123,
"OriginConnectTimeout": 123,
"OriginResponseTimeout": 123,
"UseStaleWhileUpdating": true,
"UseStaleWhileOffline": true,
"OriginRetry5XXResponses": true,
"OriginRetryConnectionTimeout": true,
"OriginRetryResponseTimeout": true,
"OriginRetryDelay": 123,
"DnsOriginPort": 123,
"DnsOriginScheme": "<string>",
"QueryStringVaryParameters": [
"<string>"
],
"OriginShieldEnableConcurrencyLimit": true,
"OriginShieldMaxConcurrentRequests": 5000,
"EnableCookieVary": true,
"CookieVaryParameters": [
"<string>"
],
"EnableSafeHop": true,
"OriginShieldQueueMaxWaitTime": 123,
"OriginShieldMaxQueuedRequests": 15000,
"UseBackgroundUpdate": true,
"EnableAutoSSL": true,
"LogAnonymizationType": "OneDigit",
"StorageZoneId": 123,
"EdgeScriptId": 123,
"MiddlewareScriptId": 123,
"EdgeScriptExecutionPhase": "Cache",
"OriginType": "OriginUrl",
"MagicContainersAppId": "<string>",
"MagicContainersEndpointId": "<string>",
"LogFormat": "Plain",
"LogForwardingFormat": "Plain",
"ShieldDDosProtectionType": "DetectOnly",
"ShieldDDosProtectionEnabled": true,
"OriginHostHeader": "<string>",
"EnableSmartCache": true,
"EnableRequestCoalescing": true,
"RequestCoalescingTimeout": 123,
"DisableLetsEncrypt": true,
"EnableBunnyImageAi": true,
"BunnyAiImageBlueprints": [
{
"Name": "<string>",
"Properties": {}
}
],
"PreloadingScreenEnabled": true,
"PreloadingScreenCode": "<string>",
"PreloadingScreenLogoUrl": "<string>",
"PreloadingScreenTheme": "Light",
"PreloadingScreenCodeEnabled": true,
"PreloadingScreenDelay": 5000,
"RoutingFilters": [
"<string>"
],
"StickySessionType": "Off",
"StickySessionCookieName": "<string>",
"StickySessionClientHeaders": "<string>",
"OptimizerEnableUpscaling": true,
"EnableWebSockets": true,
"MaxWebSocketConnections": 123
}
'Authorizations
API Access Key authorization header
Body
Determines if the preloading screen is shown on the first load from a user.
The name of the pull zone.
Sets the origin URL of the Pull Zone
Sets the list of referrer hostnames that are allowed to access the pull zone. Requests containing the header Referer: hostname that is not on the list will be rejected. If empty, all the referrers are allowed
Sets the list of referrer hostnames that are blocked from accessing the pull zone.
Sets the list of IPs that are blocked from accessing the pull zone. Requests coming from the following IPs will be rejected. If empty, all the IPs will be allowed
Determines if the delivery from the North America region should be enabled for this pull zone
Determines if the delivery from the Europe region should be enabled for this pull zone
Determines if the delivery from the Asia / Oceania regions should be enabled for this pull zone
Determines if the delivery from the South America region should be enabled for this pull zone
Determines if the delivery from the Africa region should be enabled for this pull zone
Determines if the zone should block requests to the root of the zone.
Determines if the POST requests to this zone should be rejected.
Determines if the query string ordering should be enabled.
Determines if the WebP Vary feature should be enabled.
Determines if the AVIF Vary feature should be enabled.
Determines if the Mobile Vary feature is enabled.
Determines if the Country Code Vary feature should be enabled.
Determines if the Country State Code Vary feature should be enabled.
Determines if the Hostname Vary feature should be enabled.
Determines if cache slicing (Optimize for video) should be enabled for this zone
Determines if the zone token authentication security should be enabled
Determines if the token authentication IP validation should be enabled
Determines if the Pull Zone should ignore query strings when serving cached objects (Vary by Query String)
Sets the monthly limit of bandwidth in bytes that the pullzone is allowed to use
Sets the list of extensions that will return the CORS headers
Determines if CORS headers should be enabled
Determines if the Pull Zone should automatically remove cookies from the responses
Sets the list of two letter Alpha2 country codes that will be redirected to the cheapest possible region
Sets the list of two letter Alpha2 country codes that will be blocked from accessing the zone
Sets the cache control override setting for this zone
Sets the browser cache control override setting for this zone
(Deprecated) Sets the browser cache control override setting for this zone
Determines if the zone should forward the requested host header to the origin
Determines if the canonical header should be added by this zone
Determines if the logging should be enabled for this zone
Determines if the log anonoymization should be enabled
The ID of the storage zone that should be used as the Perma-Cache
Determines Perma-Cache behavior
Automatic, Manual "Automatic"
Determines if the AWS signing should be enabled or not
Sets the AWS signing key
Sets the AWS signing region name
Sets the AWS signing secret key
Determines if the origin shield should be enabled
Determines the zone code where the origin shield should be set up
Determines if the TLS 1 should be enabled on this zone
Determines if the TLS 1.1 should be enabled on this zone
Determines if the cache error responses should be enabled on the zone
Determines if the SSL certificate should be verified when connecting to the origin
Sets the log forwarding token for the zone
Sets the log forwarding destination hostname for the zone
Sets the log forwarding port for the zone
Sets the log forwarding token for the zone
Sets the log forwarding protocol type
UDP, TCP, TCPEncrypted, DataDog "UDP"
Determines if the logging permanent storage should be enabled
Sets the Storage Zone id that should contain the logs from this Pull Zone
Determines if the zone should follow redirects return by the oprigin and cache the response
Determines the maximum number of connections per IP that will be allowed to connect to this Pull Zone
Determines the maximum number of requests per second that will be allowed to connect to this Pull Zone
Determines the amount of traffic transferred before the client is limited
Determines the maximum number of requests per second coming from a single IP before it is blocked.
Determines the maximum burst requests before an IP is blocked
Determines if custom error page code should be enabled.
Contains the custom error page code that will be returned
Determines if the statuspage widget should be displayed on the error pages
The statuspage code that will be used to build the status widget
Determines if the error pages should be whitelabel or not
Determines if the optimizer should be enabled for this zone
Determines if the optimizer origin tunnel system should be enabled for this zone
Determines the maximum automatic image size for desktop clients
0 <= x <= 5000Determines the maximum automatic image size for mobile clients
0 <= x <= 5000Determines the image quality for desktop clients
1 <= x <= 100Determines the image quality for mobile clients
1 <= x <= 100Determines if the WebP optimization should be enabled
Determines if the SEO HTML prerender should be enabled
Determines the image manipulation should be enabled
Determines if the CSS minifcation should be enabled
Determines if the JavaScript minifcation should be enabled
Determines if image watermarking should be enabled
Sets the URL of the watermark image
Sets the position of the watermark image
0, 1, 2, 3, 4, 5 Sets the offset of the watermark image
Sets the minimum image size to which the watermark will be added
Determines if the automatic image optimization should be enabled
Determines the list of optimizer classes
Show child attributes
Show child attributes
Determines if the optimizer classes should be forced
Wordpress html path which should be bypassed by permacache in edge rule
Wordpress cookie which should be bypassed by permacache in edge rule
The type of the pull zone. Premium = 0, Volume = 1
Premium, Volume "Premium"
The number of retries to the origin server
The amount of seconds to wait when connecting to the origin. Otherwise the request will fail or retry.
The amount of seconds to wait when waiting for the origin reply. Otherwise the request will fail or retry.
Determines if we should use stale cache while cache is updating
Determines if we should use stale cache while the origin is offline
Determines if we should retry the request in case of a 5XX response.
Determines if we should retry the request in case of a connection timeout.
Determines if we should retry the request in case of a response timeout.
Determines the amount of time that the CDN should wait before retrying an origin request.
Determines the origin port of the pull zone.
Determines the origin scheme of the pull zone.
Determines if the origin shield concurrency limit is enabled.
Determines the number of maximum concurrent requests allowed to the origin.
1 <= x <= 10000Determines if the Cookie Vary feature is enabled.
Determines the max queue wait time
Determines the max number of origin requests that will remain in the queue
0 <= x <= 30000Determines if cache update is performed in the background.
If set to true, any hostnames added to this Pull Zone will automatically enable SSL.
Sets the log anonymization type for this pull zone
OneDigit, Drop "OneDigit"
The ID of the storage zone that will be used as the origin
The ID of the edge script that will be used as the origin
The ID of the middleware script
The execution phase of the edge script
Cache, LoadBalancer "Cache"
Determine the type of the origin for this Pull Zone
OriginUrl, DnsAccelerate, StorageZone, LoadBalancer, EdgeScript, MagicContainers, PushZone "OriginUrl"
0 = Plain
1 = JSON
Plain, JSON "Plain"
0 = Plain
1 = JSON
Plain, JSON "Plain"
0 = DetectOnly
1 = ActiveStandard
2 = ActiveAggressive
DetectOnly, ActiveStandard, ActiveAggressive "DetectOnly"
Sets the host header that will be sent to the origin
Determines if request coalescing is currently enabled.
Determines the lock time for coalesced requests.
If set to true, the built-in let's encrypt will be disabled and requests are passed to the origin.
Show child attributes
Show child attributes
Determines if the preloading screen is currently enabled
The custom preloading screen coed
The preloading screen logo URL
The currently configured preloading screem theme. (0 - Light, 1 - Dark)
Light, Dark "Light"
Determines if the custom preloader screen should be enabled
The delay in miliseconds after which the preloading screen will be displayed (0 - 10000ms)
0 <= x <= 10000The list of routing filters enabled for this zone
Whether to use a Sticky Session mechanism for this pull zone
Off, On "Off"
Sticky Session Cookie Name
A set of comma-separated header names used to identify clients
Determines if Optimizer should automatically upscale images
Determines if WebSocket connections are allowed for this Pull Zone.
Response
The Pull Zone was successfuly added
Was this page helpful?