All blog posts
Page 31
The headers we want
Manipulating HTTP headers is one of the most common things that Fastly customers do. Using the right combination of headers is one of the best things you can do for the security of your site, and also a significant contributor to performance.
Recent Drupal Vulnerabilities
Hours after Drupal released a patch in April, 2018, attackers had already created and shared proof-of-concept exploit code resulting in over one million vulnerable sites. This news came four weeks after disclosure of Drupalgeddon 2, which was another major remote code execute vulnerability. Installing patches and updating your WAF rules can help you prevent attackers from exploiting this vulnerability to take control of your servers.
How Sleeping Duck survived Shark Tank
Fastly customer Sleeping Duck appeared on Shark Tank in July 2017, which sparked a sudden influx of traffic to their site. In the following post, Tech Lead Matthew Vandenbossche discusses how they prepared for the event, and how Fastly helped.
The headers we don't want
HTTP headers are an important way of controlling how caches and browsers process your web content. But many are used incorrectly or pointlessly, which adds overhead at a critical time in the loading of your page, and may not work as you intended.
Improved control + security with real-time logging
We know that our customers value visibility and control — actionable insight into what’s going on across your digital services, and the flexibility to make changes when necessary. Real-time logging lets you see what’s happening with your traffic, empowering you to make decisions and changes on the fly. In this post, we’ll share our latest logging updates — which allow for improved formatting and control, new and improved logging endpoint integrations, and enhanced security — and how to get started.
Altitude NYC 2018 recap
3,500 new Fastly service configurations deployed, 250 breakfast sandwiches eaten, 2 rants about edge computing (or at least one about self-driving cars), and one very big outdoor screen. Those are just a few of the highlights from last week’s Altitude in New York, where we gathered together customers and Fastly folks to share stories and strategies about the future of the edge, cloud networking, security, and more.
How to Clear Cache in the Browser
Learn how to clear a cache memory with JavaScript to fix errors and improve front end performance.
Fastly eases GDPR compliance for our customers
Under the General Data Protection Regulation (“GDPR”), European nationals have individual rights regarding their personal data that must be respected by companies controlling or processing that data. As part of Fastly’s obligations to provide our edge cloud services in compliance with all applicable laws, and our customer’s obligations not to use our edge cloud services in violation of those same laws, we want to outline the steps we have taken to comply with the GDPR, and in particular the steps we have taken to ease the GDPR compliance burden for our customers.
How industry leaders approach digital transformation
Digital transformation — in which a business totally overhauls its strategy to take advantage of the full breadth of opportunities digital technologies have to offer — is definitely a hot topic. Opinions on jargon aside, the fact remains that industry stalwarts need to expand their presence and reach by leveraging the latest technologies and personalization tools. In this post, we’ll take a look at the three main considerations when overhauling your digital strategy: the need to move quickly, creating delightful customer experiences (across platforms), and doing so at scale. Peppered throughout are examples on how industry leaders approach their digital strategies.
ButterCMS builds reliable API | Fastly
Without realizing it, many of us are building single points of failure into our stack. Fastly customer ButterCMS requires near-100% uptime for their customers, but after multiple outages nearly crippled their business, they became “obsessed” with eliminating single points of failure. Read on to learn how they use Fastly and other digital strategies to make sure they keep their customers’ websites up and running.
Building the WAF test harness
To help our customers secure their sites and applications — while continuing to give their users reliable online experiences — we’ve built a performant, highly configurable, and comprehensive Web Application Firewall (WAF). In order to provide a comprehensive solution for securing your infrastructure, it’s critical to continuously test that solution. In this post, we’ll share how we ensure a quality WAF implementation for our customers, continuously testing it using our framework for testing WAFs (FTW), and go deeper into the findings and contributions we’ve made to the OWASP CRS community with FTW.
Three Ways Legacy WAFs Fail
Legacy WAFs were a stopgap that compliance regulations forced many to adopt (or at least pretend to). Learn more about why they fail and how the next generation of WAFs bridges the gap.
DDoS attacks: how to protect + mitigate
In part one of this series, we took a look at the evolving DDoS landscape, offering a sense of what’s out there in terms of attack size and type to help better inform decisions when it comes to securing your infrastructure. In this post, we’ll share an inside look at how we protect our customers, lessons learned from a real-live DDoS, and our recommended checklist for mitigating attacks.
Requiring TLS 1.2 for the Fastly API & control panel
As part of our vision for defending the modern web, the Fastly engineering teams are focused on providing you with a robust and secure platform that empowers you to protect your customers. Because we’re committed to providing secure experiences, we’re requiring clients that connect to our infrastructure to support TLS 1.2. Read on to learn about our deprecation plan, plus how to check which TLS version you’re using.
Demystifying the cloud
Like it or not, the cloud is here to stay. Although 81% of executives surveyed experience cloud FOMO (“fear of missing out”), it’s not peer pressure alone that’s driving cloud adoption; the cloud offers undeniable benefits to your business: boosting engagement with your customers, cutting costs, and empowering innovation. In this post, we’ll take a look at the different methodologies of cloud computing, cutting through the noise to offer our recommendation and vision for what’s ahead.
Understanding the Vary header in the browser
Browsers need to understand and respond to Vary rules, and the way they do this is different from the way Vary is treated by CDNs. In this post, Principal Developer Advocate Andrew Betts explores the murky world of cache variation in the browser.
Videos from part 3 of our Security Speaker Series
On October 26, we hosted an evening of drinks, snacks, and an excellent security discussion with the security research and engineering communities. Folks gathered at Bespoke Central Lounge in downtown San Francisco to hear from Alex Bazhaniuk, of Eclypsium, Inc., and Stephen Checkoway, of the University of Illinois. Watch the videos from their talks here.
2018 starts with 46 POPs & 20 Tbps of connected edge capacity
The Fastly Infrastructure and Edge Cloud Operations Teams wrapped up 2017 by completing major milestones in our point of presence (POP) deployments around the globe AND achieving 20 Tbps of connected edge capacity. Since our last update, we’ve deployed additional US POPs in Atlanta, Houston, Columbus, and Palo Alto, brand-new locations in Cape Town, South Africa and Columbus Ohio, plus a new 100GE-enabled POP in Tokyo, Japan. These upgrades empower us to scale to meet customer demands, reduce latency, and improve resilience to our network — read on to see what we’ve been up to.
How Fastly Supports an Ethical and Open Internet
Open source projects are the foundation of the internet; by sponsoring their important work, we support our vision for unfettered, scalable technical innovation. We’ve supported numerous open source projects since the inception of Fastly, and our founding team has invested time into open source development since our incorporation. Read on to learn about the evolution of our Open Source and Nonprofit Program.
How natural disasters meet unprecedented engagement
As part of our mission to serve the best of the internet, we’re honored to offer complimentary CDN services to nonprofits, including One America Appeal, Direct Relief, Reporters Without Borders, Khan Academy, and more. Although the fall of 2017 had more than its fair share of natural disasters, we were heartened to learn how people gave (and engaged) with nonprofits. Read on to see what we learned.
