Overview

An ACL is an expression that returns true or false, which you can then use to make a decision in your configuration. For example, should I route this request to backend A or backend B? Or, should I redirect this request to another domain? Or perhaps should I reject this client's connection?

ACLs allow you to test various conditions and perform a given action based on those tests.

These conditions cover many aspects of a request or response. Search for strings or patterns, check the originating IPs, recent request rates (via stick tables), TLS status, etc. The action you take can include making routing decisions, redirecting requests, returning static responses and so much more. While using logic operators (AND, OR, NOT) in other proxy solutions might be cumbersome, ACLs embrace them to form more complex conditions.

Next up