All blog posts

Page 31

The headers we want

Andrew Betts

Manipulating HTTP headers is one of the most common things that Fastly customers do. Using the right combination of headers is one of the best things you can do for the security of your site, and also a significant contributor to performance.

Recent Drupal Vulnerabilities

Jose Enrique Hernandez

Hours after Drupal released a patch in April, 2018, attackers had already created and shared proof-of-concept exploit code resulting in over one million vulnerable sites. This news came four weeks after disclosure of Drupalgeddon 2, which was another major remote code execute vulnerability. Installing patches and updating your WAF rules can help you prevent attackers from exploiting this vulnerability to take control of your servers.

How Sleeping Duck survived Shark Tank

Matthew Vandenbossche

Fastly customer Sleeping Duck appeared on Shark Tank in July 2017, which sparked a sudden influx of traffic to their site. In the following post, Tech Lead Matthew Vandenbossche discusses how they prepared for the event, and how Fastly helped.

The headers we don't want

Andrew Betts

HTTP headers are an important way of controlling how caches and browsers process your web content. But many are used incorrectly or pointlessly, which adds overhead at a critical time in the loading of your page, and may not work as you intended.

Improved control + security with real-time logging

Simon Wistow

We know that our customers value visibility and control — actionable insight into what’s going on across your digital services, and the flexibility to make changes when necessary. Real-time logging lets you see what’s happening with your traffic, empowering you to make decisions and changes on the fly. In this post, we’ll share our latest logging updates — which allow for improved formatting and control, new and improved logging endpoint integrations, and enhanced security — and how to get started.

Altitude NYC 2018 recap

Courtney Nash

3,500 new Fastly service configurations deployed, 250 breakfast sandwiches eaten, 2 rants about edge computing (or at least one about self-driving cars), and one very big outdoor screen. Those are just a few of the highlights from last week’s Altitude in New York, where we gathered together customers and Fastly folks to share stories and strategies about the future of the edge, cloud networking, security, and more.

Events

How to Clear Cache in the Browser

Andrew Betts

Learn how to clear a cache memory with JavaScript to fix errors and improve front end performance.

Performance

Fastly eases GDPR compliance for our customers

Paul Luongo

Under the General Data Protection Regulation (“GDPR”), European nationals have individual rights regarding their personal data that must be respected by companies controlling or processing that data. As part of Fastly’s obligations to provide our edge cloud services in compliance with all applicable laws, and our customer’s obligations not to use our edge cloud services in violation of those same laws, we want to outline the steps we have taken to comply with the GDPR, and in particular the steps we have taken to ease the GDPR compliance burden for our customers.

How industry leaders approach digital transformation

Courtney Nash

Digital transformation — in which a business totally overhauls its strategy to take advantage of the full breadth of opportunities digital technologies have to offer — is definitely a hot topic. Opinions on jargon aside, the fact remains that industry stalwarts need to expand their presence and reach by leveraging the latest technologies and personalization tools. In this post, we’ll take a look at the three main considerations when overhauling your digital strategy: the need to move quickly, creating delightful customer experiences (across platforms), and doing so at scale. Peppered throughout are examples on how industry leaders approach their digital strategies.

Industry insights

ButterCMS builds reliable API | Fastly

Jake Lumetta

Without realizing it, many of us are building single points of failure into our stack. Fastly customer ButterCMS requires near-100% uptime for their customers, but after multiple outages nearly crippled their business, they became “obsessed” with eliminating single points of failure. Read on to learn how they use Fastly and other digital strategies to make sure they keep their customers’ websites up and running.

Customers
+ 2 more

Building the WAF test harness

Christian Peron

To help our customers secure their sites and applications — while continuing to give their users reliable online experiences — we’ve built a performant, highly configurable, and comprehensive Web Application Firewall (WAF). In order to provide a comprehensive solution for securing your infrastructure, it’s critical to continuously test that solution. In this post, we’ll share how we ensure a quality WAF implementation for our customers, continuously testing it using our framework for testing WAFs (FTW), and go deeper into the findings and contributions we’ve made to the OWASP CRS community with FTW.

Security
+ 2 more

Three Ways Legacy WAFs Fail

The Fastly Collective

Legacy WAFs were a stopgap that compliance regulations forced many to adopt (or at least pretend to). Learn more about why they fail and how the next generation of WAFs bridges the gap.

Security

DDoS attacks: how to protect + mitigate

Jose Nazario, PhD, Ryan Landry

In part one of this series, we took a look at the evolving DDoS landscape, offering a sense of what’s out there in terms of attack size and type to help better inform decisions when it comes to securing your infrastructure. In this post, we’ll share an inside look at how we protect our customers, lessons learned from a real-live DDoS, and our recommended checklist for mitigating attacks.

Security
Engineering

Requiring TLS 1.2 for the Fastly API & control panel

Phil Groman

As part of our vision for defending the modern web, the Fastly engineering teams are focused on providing you with a robust and secure platform that empowers you to protect your customers. Because we’re committed to providing secure experiences, we’re requiring clients that connect to our infrastructure to support TLS 1.2. Read on to learn about our deprecation plan, plus how to check which TLS version you’re using.

Security

Demystifying the cloud

Simon Wistow

Like it or not, the cloud is here to stay. Although 81% of executives surveyed experience cloud FOMO (“fear of missing out”), it’s not peer pressure alone that’s driving cloud adoption; the cloud offers undeniable benefits to your business: boosting engagement with your customers, cutting costs, and empowering innovation. In this post, we’ll take a look at the different methodologies of cloud computing, cutting through the noise to offer our recommendation and vision for what’s ahead.

Industry insights

Understanding the Vary header in the browser

Andrew Betts

Browsers need to understand and respond to Vary rules, and the way they do this is different from the way Vary is treated by CDNs. In this post, Principal Developer Advocate Andrew Betts explores the murky world of cache variation in the browser.

Performance

Videos from part 3 of our Security Speaker Series

Window Snyder

On October 26, we hosted an evening of drinks, snacks, and an excellent security discussion with the security research and engineering communities. Folks gathered at Bespoke Central Lounge in downtown San Francisco to hear from Alex Bazhaniuk, of Eclypsium, Inc., and Stephen Checkoway, of the University of Illinois. Watch the videos from their talks here.

Security

2018 starts with 46 POPs & 20 Tbps of connected edge capacity

Tom Daly, Ryan Landry

The Fastly Infrastructure and Edge Cloud Operations Teams wrapped up 2017 by completing major milestones in our point of presence (POP) deployments around the globe AND achieving 20 Tbps of connected edge capacity. Since our last update, we’ve deployed additional US POPs in Atlanta, Houston, Columbus, and Palo Alto, brand-new locations in Cape Town, South Africa and Columbus Ohio, plus a new 100GE-enabled POP in Tokyo, Japan. These upgrades empower us to scale to meet customer demands, reduce latency, and improve resilience to our network — read on to see what we’ve been up to.

Product
+ 3 more

How Fastly Supports an Ethical and Open Internet

Elaine Greenberg

Open source projects are the foundation of the internet; by sponsoring their important work, we support our vision for unfettered, scalable technical innovation. We’ve supported numerous open source projects since the inception of Fastly, and our founding team has invested time into open source development since our incorporation. Read on to learn about the evolution of our Open Source and Nonprofit Program.

Engineering
Culture

How natural disasters meet unprecedented engagement

Tyler McMullen

As part of our mission to serve the best of the internet, we’re honored to offer complimentary CDN services to nonprofits, including One America Appeal, Direct Relief, Reporters Without Borders, Khan Academy, and more. Although the fall of 2017 had more than its fair share of natural disasters, we were heartened to learn how people gave (and engaged) with nonprofits. Read on to see what we learned.

Observability