You appear to be offline. Some site functionality may not work.

Solutions library

Here we have gathered together a searchable index of examples for using Fastly. Many take the form of fiddles, using our Fastly Fiddle tool to showcase interactive examples of VCL configurations. Find out more about the full range of features available on Fastly's edge cloud platform in our documentation and community forum.

Suggested: geo, fiddle, esi, restart, logging

Revalidating stale content and getting 304 from origin

Allow conditional GET requests to origin with 304 response, even if ‘outer’ request from browser is not conditional.

Geo-IP API at the Edge

Create an API endpoint for fetching GeoIP data for the requesting browser, implemented 100% at the edge. The response should show your current approximate location, but no requests to any origin servers.

Decorating origin requests with GeoIP

Add GeoIP data about the client browser as extra headers in any requests from Fastly to your origin.

Redirects using a VCL table

Store key-value pairs in your VCL to create a redirect mapping. Manage the redirects dynamically using Edge dictionaries.

Decoding JWT cookies at the edge

Use Fastly’s crypto functions to decode the popular JSON Web Token format, and send authentication state data to your origin server in extra, protected, headers.

Preflighting for flags

Park request, make a different request first, use the response to annotate the real origin request (or make decisions about how to route it).

Preflighting for paywall

Use a custom Paywall header to trigger preflight requests to authenticate every article view with a backend paywall service

Relative date insertion using ESI

Generate relative time datelines like “3 minutes ago” at the Edge instead of in JavaScript or at origin. Better caching, faster rendering, fewer reflows.

Serve stale to search crawlers

Prioritise human traffic over search crawlers by serving stale content to crawlers

Overriding TTLs based on content-type

Set TTLs at the edge based on the type of resource. Better done at origin, but this can be a great ‘quick fix’ or a solution if you don’t control the origin.

Streaming server-sent-events

Stream responses to the browser while still receiving data from the origin and also saving it to cache. Great for fanning out server-sent-events streams to millions of users from a single source stream

Header overflows

Fastly imposes per-request resource limits on customers’ use of our edge network. If you set too many headers, this happens.

IPv6 to IPv4 translation

Create an identifier that looks like an IPv4 address if the user has made their request using IPv6. Useful for origin servers that require an IPv4 address for some reason.

No-origin RUM logging

Collect and aggregate log data submitted from browsers directly into S3 or other log store without having to handle the traffic at your origin

URL path based routing for microservices

Send request to different origin servers based on the URL path.

Replace origin errors with 'safe' responses

If origin responds with 500 internal server error, modify status to 503 and serve a ‘safe’ error message.

CORS OPTIONS preflights at the edge

Browsers send OPTIONS requests before performing cross-origin POSTs. You can answer these requests directly from the edge.

HTTP Basic Auth

Store username/password list in an edge dictionary, authorise user at the edge, reject requests that don’t have correct credentials.

Serve robots.txt from the edge

Include full text of robots.txt in VCL, serve as a synthetic response to avoid robots.txt requests hitting your origin

Serve stale on origin failure

Deal with all potential scenarios for using stale content to satisfy requests when origin is unhealthy or misbehaving

Custom logging

Emit logging data to your chosen log endpoint from any VCL stage, not just vcl_log

Partial content 'Range' requests

Range headers sent from client are stripped by Fastly, so that we can cache the full object at the Edge

Make very large payloads visible in VCL using custom headers

Using the fetch API in JavaScript it’s possible to add custom headers to a request, and you can see that data in VCL, which is subject to a much higher limit than those that we…

Time-limited URL tokens

Make URLs expire after a configurable period.

Image optimization

Use Fastly Image Optimizer to transform and serve images at the edge, closer to your users.

Airport departures using Server-Sent-Events

This simulation of an airport departures board uses Fastly to easily fan out Server-Sent-Events streams to thousands of users, delivering in real time.

Enable modern web security headers to all responses

Go from F to A on by adding security policy headers to your responses at the edge.

Add, remove or change HTTP headers

Fastly can easily read and write HTTP headers at multiple stages of the request/response cycle.

Rewrite URL path

Receive a request for one path but request a different path from origin, without a redirect.

Manipulate query string

Add, remove, and sort querystring parameters

Change request method

Change PUT, DELETE, OPTIONS and others to POST, or vice versa, to help integrate incompatible client and server apps.

GZip compression at the edge

Compress HTML, SVG, and other compressable formats at the edge and store and serve both compressed and uncompressed versions.

Client public IP API at the edge

Quickly fetch the user’s public IP from an API endpoint on your own domain, with no origin.

Add/remove cookies

Read individual cookies, set new cookies in response

Math assignment operators

Use addition, subtraction, multiplication, division, and modulus operators when assigning numeric values to headers or variables

Caching POST requests

By default, Fastly does not cache responses to POST requests. But you can enable this if you wish.

Regular expression capturing patterns

Use our variable to capture regex pattern groups

Google Cloud storage origin (public)

Use a public GCS bucket as a backend for your Fastly service

Dictionary based IP blacklist

Ban a list of IP addresses from accessing your service, with expiry time

ACL based IP blacklist

Ban a list of IP address ranges from accessing your service

CAPTCHA challenge

Intercept suspicious traffic and display a CAPTCHA challenge. If the user passes, allow the request to go to the origin server.

Normalize requests

Improve cache performance by normalising requests. Filter and reorder query params, convert to lowercase, filter headers etc.

Search and replace in strings

Use regular expression substitution functions (regsub) to map paths, strip extraneous slashes, and more.

AWS S3 bucket origin (private)

Use AWS authenticated requests (signature version 2) to protect communication between your Fastly service and AWS.

Logging to Google BigQuery

Build raw JSON strings matching your BigQuery table schema to send log data to BigQuery

Unicode escaping in VCL

Represent non-ASCII characters in VCL using unicode escapes

Base64 POST body

Access the body of a POST request in base64 encoded form

Logical assignment operators

Logical expressions involving the left side of an assignment as an operand

Random integers

Generate random whole numbers in a range

Substr to extract substrings

Isolate a portion of a string

POST to GET rewrite using a base64 encoded querystring

To allow caching of POST requests, consider rewriting them as GET requests at the edge.

Set PCI flag to disable persistent cache storage

PCI compliant caching requires caching only in volatile storage, which you can enable with beresp.pci in VCL

Early expiry of cached objects

Cached a large number of objects for too long, and want to update and shorten their TTLs

Smoke test a new origin

Send a copy of your traffic to a test origin before returning a response from the production one

Compute intersection of two lists

Useful for comparing capabilities with required permissions

Hot-linking protection

Detect and reject requests from third party websites that attempt to embed your images on their pages

Prohibit browser caching

Ensure resources are not cached on the front end, while allowing caching within Fastly

Edge-side includes (ESI)

Use Fastly’s support for ESI to combine multiple origin-hosted objects into a single response at the edge

Clean backend responses

Remove headers added by backends that you don’t want to emit to the browser, like amz- or goog- headers.


Redirect any requests that come in on insecure HTTP, to the equivalent TLS endpoint

Cache '429' rate-limiter responses per IP

If a backend returns a 429, cache it for the requesting IP, but continue to allow other clients to use origin

Vary Based on a Cookie

Return different objects based on the presense of a cookie.