Basics
- About the web interface controls
- Always-on DDoS mitigation
- Browser recommendations when using the Fastly web interface
- Content and its delivery
- Fastly POP locations
- Getting started with Fastly
- How caching and CDNs work
- How Fastly's CDN Service works
- HTTP status codes cached by default
- Self-provisioned Fastly services
- Sign up and create your first service
- Working with services
Domains & Origins
Performance
Basics
Dictionaries
Domains & Origins
- Changing origins based on user location
- Connecting to origins
- Enabling global POPs
- Failover configuration
- IPv6 support
- Maintaining separate HTTP and HTTPS requests to origin servers
- Routing assets to different origins
- Setting up redundant origin servers
- Specifying an override host
- Using Fastly with apex domains
Request settings
Cache settings
Headers
Responses
Performance
- About Dynamic Servers
- Cache control tutorial
- Caching configuration best practices
- Controlling caching
- Creating and using pools with Dynamic Servers
- Creating and using server entries with Dynamic Servers
- Enabling API caching
- Enabling automatic gzipping
- Failure modes with large files
- HTTP/2 server push
- Implementing API cache control
- Making query strings agnostic
- Request collapsing
- Segmented Caching
- Serving stale content
- Setting Surrogate-Key headers based on a URL
- Setting Surrogate-Key headers for Amazon S3 origins
- Streaming Miss
Purging
Custom VCL
- Accept-Language header VCL features
- Authenticating before returning a request
- Basic authentication
- Creating location-based tagging
- Custom responses that don't hit origin servers
- Delivering different content to different devices
- Enabling URL token validation
- Guide to VCL
- Isolating header values without regular expressions
- Manipulating the cache key
- IP geolocation variables: Migrating to the new dataset
- Overriding which IP address the geolocation features use
- Response Cookie handling
- Support for the Edge-Control header
- Understanding the different PASS action behaviors
- Using edge side includes (ESI)
- VCL regular expression cheat sheet
Image optimization
Video
Access Control Lists
Monitoring and testing
Securing communications
Security measures
TLS
- Domain validation for TLS certificates
- Enabling HSTS through Fastly
- Forcing a TLS redirect
- Managing domains on TLS certificates
- Serving HTTPS traffic using certificates you manage
- Serving HTTPS traffic using Fastly-managed certificates
- Setting up free TLS
- TLS key and certificate replacement
- TLS termination
Web Application Firewall
Logging endpoints
- Log streaming: Amazon S3
- Log streaming: Microsoft Azure Blob Storage
- Log streaming: Cloud Files
- Log streaming: Datadog
- Log streaming: DigitalOcean Spaces
- Log streaming: Elasticsearch
- Log streaming: FTP
- Log streaming: Google BigQuery
- Log streaming: Google Cloud Storage
- Log streaming: Honeycomb
- Log streaming: Kafka
- Log streaming: Log Shuttle
- Log streaming: LogDNA
- Log streaming: Logentries
- Log streaming: Loggly
- Log streaming: Heroku's Logplex
- Log streaming: OpenStack
- Log streaming: Papertrail
- Log streaming: Scalyr
- Log streaming: SFTP
- Log streaming: Splunk
- Log streaming: Sumo Logic
- Log streaming: Syslog
Non-Fastly services
Streaming logs
Debugging techniques
Common errors
Account management
Billing
User access and control
Caching configuration best practices
Last updated October 17, 2018
To ensure optimum origin performance during times of increased demand or during scheduled downtime for your servers, consider the following best practices for your service's caching configurations.
Check your cache hit ratio
The number of requests delivered by a cache server, divided by the number of cacheable requests (hits + misses), is called the "cache hit ratio." A high cache hit ratio means you've kept request traffic from hitting your origin unnecessarily. Requests come from cache instead. In general, you want your cache hit ratio as high as possible, usually in excess of 90%. You can check your hit ratio by viewing the Stats page for your service.
Set a fallback TTL
The amount of time information can be retained in cache memory is considered its "time to live" or TTL. TTL is set based on the cache related headers information returned from your origin server. When no cache related header exists for an object, you can specifically set a fallback TTL (sometimes called a "default TTL").
TIP: Setting the fallback TTL to 0 seconds in the web interface will set return(pass) in vcl_fetch.
We set a default fallback TTL that you can update at any time as follows:
- Log in to the Fastly web interface and click the Configure link.
- From the service menu, select the appropriate service.
- Click the Edit configuration button and then select Clone active. The Domains page appears.
- Click the Settings link. The Settings page appears.
-
In the Fallback TTL area, click the pencil icon next to the TTL setting.
- In the Fallback TTL (sec) field, type the new TTL in seconds.
- Click Save to save your changes.
- Click the Activate button to deploy your configuration changes.
NOTE: See our Google Cloud Storage instructions if you're changing the default TTL for a GCS bucket.
Configure Fastly to temporarily serve stale content
If your origin becomes unavailable for an extended period of time (for example, being taken offline for maintenance purposes), temporarily serving stale content may help you. Serving stale content can also benefit you if your site's static content is updated or published quite frequently.
You can instruct Fastly to serve stale content by adding a stale-while-revalidate or stale-if-error statement on your Cache-Control or Surrogate-Control headers. Our guide to serving stale content describes this in more detail.
Decrease your first byte timeout time
After you have configured Fastly to temporarily serve stale, decreasing your first byte timeout time will cause stale content to be served to the requestor faster while fetching fresh content from the origin. Decreasing your first byte timeout time as well as serving stale will reduce unnecessary 503 first byte timeout errors. Decrease the first byte timeout time to your origin as follows:
- Log in to the Fastly web interface and click the Configure link.
- From the service menu, select the appropriate service.
- Click the Edit configuration button and then select Clone active. The Domains page appears.
- Click the Origins link. The Origins page appears.
- In the Hosts area, find your origin server and click the pencil icon to edit the host. The Edit this host page appears.
- Click the Advanced options link at the bottom of the page. The Advanced options controls appear.
- In the First byte timeout field, type the new first byte timeout in milliseconds. Approximately 15000 milliseconds is a good default to start with.
- Click Update to save your changes.
- Click the Activate button to deploy your configuration changes.
Increase cache control header times
During times of increased demand, you can instruct Fastly to keep objects in cache as long as possible by increasing the times you set on your cache control headers. Consider changing the max-age on your Cache-Control or Surrogate-Control headers. Our guide to changing caching times on backend headers describes this in more detail.
Consider custom error handling
When downtime can't be avoided, standard error messages might not ensure the best user experience. Consider creating custom error messages that include information specific to the request being made and pertinent to the user. Our guide to creating error pages with custom responses provides more detail.
Inform Fastly Customer Support
We like to be sure we're readily available for assistance during customer events. When you know in advance that an event is forthcoming, contact support with details. Be sure to include details about:
- the date and time of the event
- the type of event happening
- how long you expect it to last (if it's planned)
- the Fastly services that might be affected
If the event you're planning is designed to validate the security of your service behind Fastly, be sure to read our guide to penetration testing first.
Back to Top