Security

These articles provide information about the administrative, physical, and technical safeguards that protect Fastly's product and services, as well as describe how to secure communications between Fastly and your origin servers and customers.


Access Control Lists

These articles describe how to restrict access to resources by allowing or blocking IP addresses with access control lists (ACLs).

Malicious actors can present themselves in a variety of ways on the internet. Automated tools can scrape information from your website, bots…

Read more

Varnish allows you to use access control lists (ACLs) , a feature that enables fast matching of a client's IP address against a list of…

Read more

You can prevent specific IP addresses from accessing your service by adding them to a block list. Enabling this feature creates a condition…

Read more

Access control lists (ACLs) allow you to store a list of permissions that Varnish will use to grant or restrict access to URLs within a…

Read more

Rate Limiting

These articles describe how to work with Fastly's rate limiting features.

Rate limiting is a way to control the rate at which traffic flows through your network. You might need rate limiting if you need to do…

Read more

You can use the Fastly Rate Limiting feature to create rate limiting policies. When you create a rate limiting policy, you define the…

Read more

Securing communications

These articles describe how to secure communications between Fastly, your origin servers, and your customers.

Apple uses App Transport Security (ATS) to improve the security of connections between web services and applications installed on…

Read more

Security measures

These articles provide information about the administrative, physical, and technical safeguards that protect Fastly's product and services.

Fastly maintains a “privacy and protection by design” approach that is manifested in Fastly’s data governance program. Fastly is intentional…

Read more

Fastly's security measures for the Fastly Next-Gen WAF (powered by Signal Sciences) (Next-Gen WAF) include safeguards that help protect…

Read more

We understand the need for our customers to validate the security of their service behind Fastly. To perform security testing of your Fastly…

Read more

Fastly operates a comprehensive information security program that includes administrative, physical, and technical safeguards to protect its…

Read more

TLS

These articles describe how to set up TLS certificates with Fastly services.

The TLS dashboard provides a high-level overview of the status of your Fastly-managed and self-managed TLS certificates. It alerts you…

Read more

The HTTP Strict Transport Security (HSTS) security enhancement specification provides a way to force modern browsers to communicate only…

Read more

This guide describes how to use Fastly TLS to enable TLS 1.3 for a domain using a TLS certificate you provide or one that Fastly provides…

Read more

If you want to only allow TLS on your site, we have you covered. We've built a setting into the request settings that will allow you to…

Read more

Mutual TLS (mTLS) is an additional layer of network connection security that is added on top of our existing TLS product . By default, the…

Read more

Customers can use a shared Fastly domain (e.g., your-name.global.ssl.fastly.net ) to add TLS to a website or application for free. Before…

Read more

This guide describes how to use Fastly TLS to enable HTTPS for a domain using a certificate managed by Fastly. To serve secure traffic…

Read more

This guide describes how to use the Fastly TLS product to upload and deploy your own TLS certificates and private keys using the Fastly…

Read more

"Your connection is not private" If you've recently started testing Fastly services, you may see errors like the following: These errors…

Read more

When you are connecting to origins over TLS , you may have errors. Hostname mismatches Error: Hostname mismatch Why the error appears Your…

Read more

Before getting started with Fastly-managed TLS subscriptions (managed TLS) or self-managed TLS certificates (Bring Your Own Certificates…

Read more

Identifying TLS terminated requests To maintain optimal caching performance, Fastly uses a TLS terminator separate from the caching…

Read more