Edge Rules use a powerful wildcard matching system for trigger paths. Understanding how to properly configure these patterns helps you create precise rules that trigger only when needed.Documentation Index
Fetch the complete documentation index at: https://docs.bunny.net/llms.txt
Use this file to discover all available pages before exploring further.
Wildcard basics
The* wildcard matches any sequence of characters. You can use it anywhere in the trigger path:
| Pattern | Matches | Does Not Match |
|---|---|---|
*.jpg | /image.jpg, /photos/sunset.jpg | /image.png, /image.jpg.bak |
/images/* | /images/logo.png, /images/photos/cat.jpg | /img/logo.png |
*://example.com/* | https://example.com/page, https://example.com/file.css | https://sub.example.com/page |
Common patterns
Matching by file extension
To match all files with a specific extension, use*.extension:
.mp4 file regardless of path depth.
Matching subdomains
Use wildcards to match all subdomains or exclude them:| Pattern | Description |
|---|---|
*://*.example.com/* | Matches all subdomains |
*://example.com/* | Matches only the root domain (no subdomain) |
*://*example.com/* | Matches root domain and all subdomains |
Matching specific paths
| Pattern | Matches |
|---|---|
/api/* | All paths starting with /api/ |
*/admin/* | Any URL containing /admin/ |
/v1/*/users | Paths like /v1/api/users, /v1/service/users |
Important considerations
Query parameters are not matched
For example, if your trigger path is*.jpg, it will match:
/image.jpg/image.jpg?width=100
?width=100) is ignored during pattern matching.
HTTP vs HTTPS scheme matters
The trigger path is compared as a complete string, including the scheme. Make sure to account for both protocols:| Pattern | Matches |
|---|---|
http://example.com/* | Only HTTP requests |
https://example.com/* | Only HTTPS requests |
*://example.com/* | Both HTTP and HTTPS requests |
Use
*:// to match both HTTP and HTTPS if your rule should apply regardless
of protocol.Trailing slashes are required for root paths
Due to HTTP protocol design, the trigger path always contains a trailing slash when accessing a root path.| Trigger Path | Will Match Root? |
|---|---|
http://example.com | No |
http://example.com/ | Yes |
*://example.com/* | Yes |
Examples
Block access to admin paths
Block access to admin paths
Trigger path:
*/admin/*This blocks access to any URL containing /admin/ in the path, such as:https://example.com/admin/dashboardhttps://example.com/app/admin/users
Match all image files
Match all image files
Trigger path:
*.jpg (repeat for each extension)Or use the File Extension condition type instead, which allows you to specify extensions like jpg, png, gif without wildcards.Match a specific hostname
Match a specific hostname
Trigger path:
*://cdn.example.com/*This matches all requests to cdn.example.com regardless of protocol, path, or query string.Match paths starting with /api but not /api/public
Match paths starting with /api but not /api/public
You’ll need two rules:
- First rule (higher priority): Allow
/api/public/*- use Disable action or skip - Second rule (lower priority): Apply your action to
/api/*
Related
- Rule Ordering - Control which rules execute first
- Dynamic Variables - Use variables in your rule actions
- Custom Cache Time - Example using file extension matching