---
title: "Client Request Access"
slug: "client-request-access"
updated: 2024-11-05T17:52:44Z
published: 2024-11-05T17:52:44Z
stale: true
---
> ## Documentation Index
> Fetch the complete documentation index at: https://docs.qwilt.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Client Request Access
## Overview
This feature lets you set the conditions for rejecting or redirecting client requests based on header information. For example, to block referrer URLs or user agents.
This is a Processing Stages rule that is applied to the client request. It can be configured for a host or a path. If you add this rule to a path configuration, it is important to understand the inheritance logic. [Learn more about Processing Stage rules.](/v1/docs/processing-stages)
## Configure the Rule
Here, we'll describe how to configure the rule with the Delivery Service Management UI.
API Users may choose to [build the site configuration offline](https://api-docs.qwilt.cqloud.com/docs/CDN%20APIs/Sites%20API/prepare-the-configuration-json).
**To configure a Client Request Access rule:**
1. [Navigate to the Select Rule dialog](/v1/docs/add-a-rule).
2. In the Select Rule dialog, choose **Client Request Access**.
{height="" width=""}
3. Configure the rule:
| Outcome | How to Configure |
| --- | --- |
| **Deny All** | To deny all requests, enter the relevant deny status code in the Status Code field.
{height="" width=""} |
| **Redirect All** | To redirect all requests, enter the relevant redirect status code and set the redirect target.
You can set a dynamic redirect target using a [MEL expression](/v1/docs/mel-quick-reference).
{height="" width=""} |
|**Conditional Match**| To define conditions for denying or redirecting some client requests, on the Conditional Match tab, create the match condition [(MEL expression)](/v1/docs/mel-quick-reference). Then use the Status Code and Redirect Target fields to determine what happens to a request that is not a match.
 |
5. Choose **Add Rule**.
## SVTA Component: MI.ProcessingStages
When you save the site configuration, the **client-request** component is added to the JSON configuration within the **MI.ProcessingStages** component.
**Deny All**
This is an example of a *Deny All* rule that tells the CDN to deny all matches.
```
{
"generic-metadata-type": "MI.ProcessingStages",
"generic-metadata-value": {
"client-request": [
{
"stage-metadata": [
{
"response-transform": {
"synthetic": {
"response-status": "401"
}
}
}
]
}
]
}
}
```
**Redirect All**
This is an example of a *Redirect All* rule that redirects all matches to http://origin.example.com.
```
{
"generic-metadata-type": "MI.ProcessingStages",
"generic-metadata-value": {
"client-request": [
{
"stage-metadata": [
{
"response-transform": {
"synthetic": {
"response-status": "301",
"headers": [
{
"name": "location",
"value": "http://origin.example.com",
"value-is-expression": false
}
]
}
}
}
]
}
]
}
}
```
**Redirect All with a Dynamic Redirect Target**
This is an example of a *Redirect All* rule that instructs the CDN to redirect all matches and uses a MEL expression to determine the redirect target.
```
{
"generic-metadata-type": "MI.ProcessingStages",
"generic-metadata-value": {
"client-request": [
{
"stage-metadata": [
{
"response-transform": {
"synthetic": {
"response-status": "301",
"headers": [
{
"name": "location",
"value": "'https://example.alternate.server.com' . req.uri.path",
"value-is-expression": true
}
]
}
}
}
]
}
]
}
}
```
**Conditional Match**
This is an example of a conditional match. The MEL expression instructs the CDN to look for a secret header. If the secret header is missing or does not recall to the specified secret token, the request is denied with a 403 response.
```
{
"generic-metadata-type": "MI.ProcessingStages",
"generic-metadata-value": {
"client-request": [
{
"stage-metadata": [
{
"response-transform": {
"synthetic": {
"response-status": "403"
}
}
}
],
"match": {
"expression": "req.h.MySecret == 'nil' or req.h.MySecret != 'm1y2e3f4b5m6m7y9'"
}
}
]
}
}
```