1stdibs is the world’s leading online marketplace for rare and desirable objects. By bringing together more than 2,000 of the best professional dealers specializing in design, fine art, and collectibles, the ecommerce site allows users to shop the most beautiful things on Earth anywhere, any time. In 2014, 1stdibs’ gross merchandise volume was 1.1 billion, a 20% increase year-over-year.
For 1stdibs, a fast and reliable site is critical for its global base of customers. That's why 1stdibs selected Fastly. 1stdibs had worked with a variety of content delivery solutions, but found that traditional CDNs couldn’t effectively handle modern threats. They sought a CDN that could adapt to rapid changes on the internet and provide the advanced security capabilities necessary to mitigate future attacks without sacrificing granular control.
“Fastly changes how we think about infrastructure. It acts as an extension of 1stdibs’ stack, giving us the benefits of instant configurability changes and log streaming, which outweigh anything other CDNs offer.” Ross Paul, CTO
“Fastly’s technology allows us to handle attacks better than anything else while still giving us control. With Fastly, we have a CDN that gives us the ability to provide uninterrupted service in the event of another attack.”
1stdibs moved to Fastly after a DDoS attack, which caused a brief site outage. Despite knowing the malicious IP addresses, their previous CDN took over two hours to block them. On Fastly, 1stdibs can push logic normally performed at the origin to the edge, allowing them to block low-level layer three and four attacks, as well as defend against complex layer seven or application layer attacks. This includes analyzing the full HTTP request (headers, cookies, request path) and pushing filtering to the far more scalable edge or caching layer, protecting the origin.
Because attackers often change their methods during an attack, a DDoS protection solution must allow sites to quickly adapt to these new techniques. That’s where the power of Varnish, the state-of-the-art web accelerator designed for dynamic content (such as websites, APIs, and mobile applications), and Varnish Configuration Language (VCL) are critical. 1stdibs can update their VCL to block new attack methods, and deploy those updates across the Fastly network within seconds.
Before moving to Fastly, 1stdibs was already using Varnish. Because Fastly is built on Varnish, 1stdibs can completely customize their CDN service by writing and deploying Custom VCL instantly through the Fastly UI or API. 1stdibs uses custom configurations to direct traffic to connect over Transport Layer Security (TLS) at the edge instead of at origin, which improves performance for their end users while reducing requests to origin.
“What’s dramatically different between using Fastly and other CDNs is that Fastly is not a black box we can’t control. Fastly is part of our infrastructure — it’s almost as if we were to spin up data centers all over the world just to be Varnish nodes; that’s Fastly. Fastly’s Custom VCL lets us leverage the power and technology of Varnish, giving us ultimate control and flexibility.”
Custom VCL allows 1stdibs to adjust cache headers depending on whether the CDN server is an edge node or is acting as the Origin Shield. If the CDN server is an edge node, Fastly can strip the s-maxage directive before the content is delivered to the user, so that no additional network proxies conflict with their caching decisions.
“Most of our content can be cached for a very long time, but when it changes, we need the new information to be delivered rapidly. So we set a month-long s-maxage, respected by Fastly and, for the browser, only a minute-long max-age. When new content is available, we leverage Fastly’s Instant Purge to clear the long cache.”
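The header handling described above can be modelled as follows. This is an added Python example, not 1stdibs' or Fastly's VCL; the function names, the `role` values and the 30-day figure used for "month-long" are assumptions.

```python
MONTH = 30 * 24 * 3600  # assumed value for the "month-long" s-maxage
MINUTE = 60             # the "minute-long" browser max-age


def parse_cache_control(value):
    """Split a Cache-Control value into (name, argument-or-None) pairs.

    Simplification: quoted arguments that contain commas are not handled.
    """
    directives = []
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, sep, arg = part.partition("=")
        directives.append((name.strip().lower(), arg.strip() if sep else None))
    return directives


def deliver(origin_value, role):
    """Return the Cache-Control header a CDN node sends downstream.

    role="shield": the response goes to another CDN node, so s-maxage is kept.
    role="edge":   the response goes to the end user, so s-maxage is stripped
                   and no proxy between edge and browser can act on it.
    """
    if role not in ("edge", "shield"):
        raise ValueError("role must be 'edge' or 'shield'")
    directives = parse_cache_control(origin_value)
    if role == "edge":
        directives = [(n, a) for n, a in directives if n != "s-maxage"]
    return ", ".join(n if a is None else f"{n}={a}" for n, a in directives)


def effective_ttl(value, shared_cache):
    """TTL in seconds: shared caches prefer s-maxage, browsers use max-age."""
    found = dict(parse_cache_control(value))
    names = ("s-maxage", "max-age") if shared_cache else ("max-age",)
    for name in names:
        arg = found.get(name) or ""
        if arg.isdigit():
            return int(arg)
    return 0


if __name__ == "__main__":
    origin = f"public, max-age={MINUTE}, s-maxage={MONTH}"  # constructed sample header
    for role in ("shield", "edge"):
        sent = deliver(origin, role)
        print(role, "->", sent, "| shared-cache TTL:", effective_ttl(sent, True))
```
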
1stdibs is able to quickly reach Fastly support on IRC for real-time feedback and insight during key events. When 1stdibs opted to redirect most of their site to HTTPS, they made and tested changes to their VCL locally, but planned to deploy the changes live in the cloud. During this change, Fastly’s IRC channel gave the 1stdibs team insight into the best way to test and modify configuration changes.
“We don’t have enough problems to really need Fastly support, but their team has been very proactive. The IRC channel is great — when we elected to do various changes, our head of ops was hanging out in the IRC channel and Fastly’s team was very responsive.”
1stdibs uses Fastly’s streaming logs to monitor site performance and troubleshoot issues as they happen. Unlike traditional CDNs that stream in batches, Fastly’s logs stream in real time and can be streamed to almost any major logging endpoint, including logging-as-a-service providers, S3 buckets, and analytics tools. 1stdibs can then immediately identify and resolve issues as they occur.
“We often look at our Fastly logs before we look at our origin’s logs. Once, we did a release, and it turned out that there was an edge case throwing tons of service errors. We looked up at our big Fastly Dashboard in the office and noticed that the pattern of errors had radically altered. By visualizing Fastly’s logs, we are able to identify and quickly fix bugs.”
As an online luxury marketplace, 1stdibs needed a scalable way to create a personalized, location-based experience for its visitors. They make as much of their content cacheable as possible, and address dynamic content via AJAX. Recently, 1stdibs added currency localization to its site, which is content that changes unpredictably. 1stdibs wanted to leverage the performance and infrastructure benefits of caching their site while maintaining the ability to immediately change content when necessary.
“We still cache the entire product details page even if a user wants to view an item in a custom currency. Exchange rates are dynamic, so after delivering the cached page, an AJAX request comes back to the origin, fetches the latest prices, and dynamically updates the displayed price. We get all the speed benefits of caching without ever serving stale data.”
By caching and routing www.1stdibs.com through Fastly, and using Fastly’s Origin Shield feature, 1stdibs ensures that any spikes in requests will not affect performance for end users. This allows them to scale growth without having to add capacity to their origin.
“Someone’s crawler went crazy and drove up site traffic 10x. We didn’t observe any ill effects in our origin because the traffic didn’t make it to us; Fastly blocked the errant requests. Most importantly, our customers were not impacted. We have no concerns about Fastly’s ability to scale as our business grows.”