Basics
- About the web interface controls
- Always-on DDoS mitigation
- Browser recommendations when using the Fastly web interface
- Content and its delivery
- Fastly POP locations
- Getting started with Fastly
- How caching and CDNs work
- How Fastly's CDN Service works
- HTTP status codes cached by default
- Self-provisioned Fastly services
- Sign up and create your first service
- Working with services
Domains & Origins
Performance
Basics
Dictionaries
Domains & Origins
- Changing origins based on user location
- Connecting to origins
- Enabling global POPs
- Failover configuration
- IPv6 support
- Maintaining separate HTTP and HTTPS requests to origin servers
- Routing assets to different origins
- Setting up redundant origin servers
- Specifying an override host
- Using Fastly with apex domains
Request settings
Caching
Headers
Responses
Performance
Load balancing
Purging
Custom VCL
- Accept-Language header VCL features
- Authenticating before returning a request
- Basic authentication
- Creating location-based tagging
- Custom responses that don't hit origin servers
- Delivering different content to different devices
- Enabling URL token validation
- Guide to VCL
- Isolating header values without regular expressions
- Manipulating the cache key
- IP geolocation variables: Migrating to the new dataset
- Overriding which IP address the geolocation features use
- Response Cookie handling
- Support for the Edge-Control header
- Understanding the different PASS action behaviors
- Using edge side includes (ESI)
- VCL regular expression cheat sheet
Image optimization
Video
Access Control Lists
Monitoring and testing
Securing communications
Security measures
TLS
- Domain validation for TLS certificates
- Enabling HSTS through Fastly
- Forcing a TLS redirect
- Managing domains on TLS certificates
- Serving HTTPS traffic using certificates you manage
- Serving HTTPS traffic using Fastly-managed certificates
- Setting up free TLS
- TLS key and certificate replacement
- TLS termination
Web Application Firewall
Logging endpoints
- Log streaming: Amazon S3
- Log streaming: Microsoft Azure Blob Storage
- Log streaming: Cloud Files
- Log streaming: Datadog
- Log streaming: DigitalOcean Spaces
- Log streaming: Elasticsearch
- Log streaming: FTP
- Log streaming: Google BigQuery
- Log streaming: Google Cloud Storage
- Log streaming: Honeycomb
- Log streaming: Kafka
- Log streaming: Log Shuttle
- Log streaming: LogDNA
- Log streaming: Logentries
- Log streaming: Loggly
- Log streaming: Heroku's Logplex
- Log streaming: OpenStack
- Log streaming: Papertrail
- Log streaming: Scalyr
- Log streaming: SFTP
- Log streaming: Splunk
- Log streaming: Sumo Logic
- Log streaming: Syslog
Non-Fastly services
Streaming logs
Debugging techniques
Common errors
Account management
Billing
User access and control
Tracking your origin's name, IP, and port
Last updated October 30, 2018
Being able to track information related to your origin can be helpful in troubleshooting errors and making sure requests are processed as expected. Fastly provides three VCL variables that allow you to see and track origin information:
You can create VCL Snippets that use these variables to capture information about an origin and then set up remote log streaming to save that information.
Retrieve the origin information
Create a regular VCL Snippet to retrieve the origin information:
- Log in to the Fastly web interface and click the Configure link.
- From the service menu, select the appropriate service.
- Click the Edit configuration button and then select Clone active. The Domains page appears.
- Click the VCL snippets link. The VCL snippets page appears.
- Click Create snippet. The Create a VCL snippet page appears.
- In the Name field, type an appropriate name (for example,
Retrieve-Origin-Information). - From the Type controls, select within subroutine. The Select subroutine menu appears.
- From the Select subroutine menu, select fetch (vcl_fetch).
-
In the VCL field, add the following VCL logic:
1 2 3
# save the variables for access in deliver set beresp.http.Your-Backend-Name = beresp.backend.name; set beresp.http.Your-Backend-IP-Port = beresp.backend.ip ":" beresp.backend.port;
- Click Create to create the snippet.
Change the response header to a request header
Create another regular VCL Snippet that changes the response header to a request header before logging the information:
- Click the VCL snippets link. The VCL snippets page appears.
- Click Create snippet. The Create a VCL snippet page appears.
- In the Name field, type an appropriate name (for example,
Remove-Origin-Information). - From the Type controls, select within subroutine. The Select subroutine menu appears.
- From the Select subroutine menu, select deliver (vcl_deliver).
-
In the VCL field, add the following VCL logic:
1 2 3 4 5 6 7 8 9 10 11
if (fastly_info.state ~ "(MISS|PASS)") { # only on a miss or pass # save the responses back to req.request because # request headers are not sent back to the client set req.http.Your-Backend-Name = resp.http.Your-Backend-Name; set req.http.Your-Backend-IP-Port = resp.http.Your-Backend-IP-Port; } # remove the identifying information from the response unset resp.http.Your-Backend-Name; unset resp.http.Your-Backend-IP-Port;
- Click Create to create the snippet.
EXPLANATION: If a response header like beresp.http.Your-Backend-Name exists in vcl_fetch when VCL is processed, then a corresponding response header resp.http.Your-Backend-Name will exist in vcl_deliver and will be logged by default. This means that response headers will be included in response output, exposing origin information (e.g., IP address, port number, or origin name) in the process. Fortunately, request headers are not passed back to the client, but their information remains accessible from vcl_log.
Set up remote log streaming
Once your snippets are created, you can set up remote log streaming for tracking purposes. Do this by adding req.http.Header-Name to the Log format field in the logging endpoint you configured in the remote log streaming guide. Using the example above, you would add req.http.Your-Backend-Name and req.http.Your-Backend-IP-Port. Once you've reviewed the changes you've made, click the Activate button to deploy these configuration changes for your service.
NOTE: When you configure remote log streaming to capture this information, remember the VCL is executed twice, once on the shield node and again on the edge node. This means that the first log (from the shield node) will have the origin's information and the second log (from the edge node) will have the shield's information.