Engineering
Page 3
Fastly Academy: on-demand learning at your fingertips. | Fastly
Fastly Academy, our new on-demand learning center, contains lessons for learners of all levels. It’s one more way we’re helping you work — and expand your skills — the way that fits you best.
How to Secure your GraphQL
There are many benefits to adopting GraphQL, but its security implications are less understood. In this post, we’ll explore those implications and offer guidance on which defaults and controls can support a safer GraphQL implementation.
Bootstrap a Compute project with Fastly Fiddle
The Fastly CLI now supports bootstrapping Compute projects using fiddles made in Fastly Fiddle as a template. This enables users to get a local developer environment up and running very quickly using one of many ready-made solutions from Fastly’s public code example library, which can then be adapted and customized for your own needs.
Cloud Deploy simplifies Compute@Edge projects | Fastly
We’re introducing Cloud Deploy, a wizard that helps you start building on Compute by deploying and customizing templates, and sets you up with an automated deployment workflow and best development practices.
Fastly's 2021 in Review
In this post, we’ll take a look back at the past year through the eyes of our edge cloud network to explore what we saw across new protocol adoption, security initiatives, network growth, and more.
Origin Inspector: Monitor origin traffic from the Fastly UI
Origin Inspector provides you with a dataset and visualizations that offer real-time and historical visibility into responses delivered from your origin servers to our edge cloud. And we’re happy to say that it’s now in limited availability.
WAF framework measures WAF effectiveness | Fastly
Our new WAF efficacy framework provides a standardized way to measure the effectiveness of a WAF’s detection capabilities through continuous verification and validation. Here’s how it works.
Log4Shell exploit found in Log4j | Fastly
CVE-2021-44228 is a Remote Code Execution vulnerability in the Apache Log4j library being actively exploited. We provide our observations into the exploit and a summary of its impact.
30 Years of Web: Building for Tomorrow
The web’s infrastructure — and the applications we build on it — must constantly evolve to meet the ever-transforming expectations of modern and future end users. We’ve gathered five lessons today’s builders can use to drive the next three decades of the web.
Grinch bots penalized w/ enriched security data & our edge cloud platform | Fastly
In this post, we’ll show how you can use information from an origin response to add an abuse IP address to our penalty box. We've been touting the promise of security at the edge, and this is just one example of what it can do.
30 Years of Web: Future-Ready Apps
Many websites today are really applications, and we should be building them as such. To do that, we need application architectures and networks that are capable of supporting fast, secure, and scalable user experiences. We must embrace a more dynamic mindset in how we approach web development and consider the tools we need to get there.
30 Years of Web: Future Demands
As we look back to celebrate the 30th anniversary of the website, it’s also worth thinking about the next 30 years. There are a couple of areas where we — as engineers, developers, and builders in general — can champion innovation, mainly around architecture and security.
You can now test Compute code in Fastly Fiddle
Fastly customers have been using our Fiddle tool for years to try out ideas for edge logic in VCL. With the advent of Compute last year, we made our edge compute network accessible to any language that compiles to WebAssembly, and now you can write Compute code in Fiddle too.
Get started with Fastly logging and Compute@Edge | Fastly
In this tutorial, we’ll walk you through the basic steps of outputting messages to STDIO and tailing that output with the Fastly CLI as well as configuring a log streaming endpoint, emitting logs in your application, and confirming the delivery of those logs to your target logging destination.
Preventing SSRF: Apache CVE-2021-40438 | Fastly
Our Security Research Team provides guidance on how to address CVE-2021-40438, a vulnerability in Apache HTTP Server version 2.4.48 and earlier, by patching impacted version(s) and enabling a new templated rule to prevent exploitation.
Using cURL to Test Origin Server Responses
Curl, or cURL, is a utility that’s shipped by default on operating systems like MacOS and many Linux distributions that allows you to send an HTTP request to a URL and receive the result. In this post, we’ll walk you through how to use the tool to test an origin server’s response.
Compute: The JavaScript Support you Demanded | Fastly
With JavaScript now available for WebAssembly and Compute, you can get started faster than ever with a language you already know, while ensuring the speed and security you need in a serverless build environment.
How to configure your Fastly services with Terraform
As you start to build more at the edge, it becomes ever more important to deploy edge logic in the same way you deploy changes to your own applications and infrastructure. Today, we’ll take a step back and look holistically at how to configure, manage, and deploy Fastly services using Terraform.
How to test site speed optimizations with Compute
In this post, we show how to test site speed modifications before implementing them using Compute and WebPageTest, a web performance tool that uses real browsers, to compare web performance between the original and transformed page versions.
Minimizing ossification risk is everyone’s responsibility
Building protocols in a way that anticipates future change in order to prevent ossification is critical. Because it’s impossible to upgrade everyone on the internet at the same time; it needs to be possible to introduce changes gradually, without harming communication where only one party understands the change — and this is everyone’s responsibility.
