Allow conditional GET requests to origin with 304 response, even if 'outer' request from browser is not conditional.
Solution recipes for commerce
Our recipe library is an always-evolving set of code samples to do just about anything on the Fastly edge cloud. Have a browse or search for a keyword to find the perfect, ready-made solution you can paste into your service or adapt and customize for your own needs. Using Fastly Fiddle, play with any recipe and take advantage of the Fastly edge cloud, all without registering or affecting any existing account.
Add GeoIP data about the client browser as extra headers in any requests from Fastly to your origin.
Prioritize human traffic over search crawlers by serving stale content to crawlers.
Stream responses to the browser while still receiving data from the origin and also saving it to cache. Great for spreading out server-sent-events streams to millions of users from a single source stream.
Collect and aggregate log data submitted from browsers directly into S3 or another log store without having to handle the traffic at your origin.
Include full text of robots.txt in VCL, serve as a synthetic response to avoid robots.txt requests hitting your origin.
Map requests to backends consistently, which can be useful to improve your internal cache and replication efficiency.
Map requests to backends based on user ID (a.k.a., "sticky sessions"). Defaults to IP address but you can customize.
Emit logging data to your chosen log endpoint from any VCL stage, not just vcl_log.
Use Fastly Image Optimizer to transform and serve images at the edge, closer to your users.
Purge your edge cache automatically at a certain time. This may cause an inrush of traffic to origin at the scheduled time and should be used with care.
Go from an F to an A grade on securityheaders.io by adding security policy headers to your responses at the edge.
Fastly can easily read and write HTTP headers at multiple stages of the request/response cycle.
Add, remove, and sort querystring parameters.
PCI-compliant caching requires caching only in volatile storage, which you can enable with beresp.pci in VCL.
Send a copy of your traffic to a test origin before returning a response from production.
Detect and reject requests from third party websites that attempt to embed your images on their pages.
Ensure resources are not cached on the front end, while allowing caching within Fastly.
Use Fastly's support for ESI to combine multiple origin-hosted objects into a single response at the edge.
Remove headers added by backends that you don't want to emit to the browser, like amz- or goog- headers.
Redirect any requests that come in on insecure HTTP, to the equivalent TLS endpoint.
Group countries to cache content by custom regions or reject requests from some regions entirely.
Bucket users into small grid squares to allow for hyper-local content caching (e.g., "stores near you", "local offers").
If primary backend fails, retry with a different backend without caching the failure or reducing cache efficiency.
The web application firewall catches a variety of different types of malicious requests including cross-site scripting (XSS), SQL injection, remote and local file inclusion (RFI, LFI), remote command execution (RCE) and session fixation.
The web application firewall has thousands of rules built in, but you can augment these with your own.
Use custom, predefined classnames like large, medium, small, teaser, thumb, or article to control Fastly Image Optimizer and optionally prevent end-user access to native properties like 'width'.
Strip the last octet or compute a hash of client IP address for anonymization.
Block or identify syntactically invalid requests at the edge by using a hash function of your choice.
Serve different responses to separate user cohorts.
A totally stateless solution to hold back new users for a minimum waiting period to smooth out spikes in traffic.
Match URL prefixes and make use of configurable response status and querystring preservation.
All code on this page is provided under both the BSD and MIT open source licenses.