These articles describe how to restrict access to resources by allowing or blocking IP addresses with access control lists (ACLs).

• About ACLs
• Manually creating access control lists
• Using the IP block list
• Working with ACLs using the API
• Working with ACLs using the web interface

These articles describe how to secure communications between Fastly, your origin servers, and your customers.

• Accessing Fastly's IP ranges
• Support for App Transport Security

These articles provide information about the administrative, physical, and technical safeguards that protect the Fastly CDN service.

• Penetration testing your service behind Fastly
• Security measures
• Security program
• Technology compliance

These articles describe how to set up TLS certificates with Fastly services.

• Domain validation for TLS certificates
• Enabling HSTS through Fastly
• Enabling TLS 1.3 through Fastly
• Forcing a TLS redirect
• Managing domains on TLS certificates
• Serving HTTPS traffic using certificates you manage
• Serving HTTPS traffic using Fastly-managed certificates
• Setting up free TLS
• TLS key and certificate replacement
• TLS termination

These articles provide information about the Fastly Web Application Firewall (WAF) security product.

• About the Fastly WAF dashboard
• About the Fastly WAF rule management interface
• Creating a custom WAF error page
• Fastly WAF logging
• Managing rules on the Fastly WAF
• WAF Rule Exclusions
• Web Application Firewall (WAF)

These articles provide information about the legacy Fastly Web Application Firewall (WAF) security product.

• About the Fastly WAF dashboard (legacy)
• About the Fastly WAF rule management interface (legacy)
• Creating a custom WAF error page (legacy)
• Fastly WAF logging (legacy)
• Fastly WAF rule set updates and maintenance (legacy)
• Managing the Fastly WAF (legacy)
• Web Application Firewall (WAF) (legacy)