A list of Fastly cache nodes that have processed a request.

Fastly reads this header from requests and writes it into requests. It is proprietary to Fastly.

PROTECTED:  This header cannot be modified in VCL.

The primary purpose of the Fastly-FF header is for loop detection. If a Fastly service is configured to use itself as a backend, the request would otherwise be forwarded endlessly within the Fastly network.

It is also an effective means of determining whether the request has already passed through a Fastly data center before arriving at the current one, which is common in services that use shielding.



The header value is composed of a salted hash of the service ID, the data center code, and the individual cache server ID. For example:

Fastly-FF: qZarR/12OL0QOq4VyQPmqQ/CTp17AZv0d6cSG5nUSxU=!WDC!cache-wdc5548-WDC

Usage for edge/shield detection

While it is common to use this header as a simple mechanism to determine whether the current data center is acting as an edge or a shield, it is usually better to use the fastly.ff.visits_this_service variable, which will identify the number of times the same service has been invoked previously in the current request's journey (and will also validate the hash).


This header is protected from modification in VCL, but incoming requests from outside of the Fastly network may include the header.