Indicates whether the client-side connection used TLS to connect to Fastly.
Fastly writes this header into requests. It is proprietary to Fastly.
"1" on requests that arrived at Fastly over TLS, if the header is not already present on the request.
Be aware of several important caveats when using this header:
- If the client request includes this header, Fastly will not overwrite or correct it. A client capable of setting arbitrary headers can therefore spoof the value of
- If the Fastly service is configured to use shielding, the connection between the edge and shield POPs uses TLS if the origin itself supports TLS. The value of
Fastly-SSLwhen read on a machine acting as a shield will therefore be
"1"if the origin is configured with TLS enabled.
For a secure method of detecting the TLS state of the connection, see