The Secure page gives you access to the different security products Fastly has to offer. Note that you must contact firstname.lastname@example.org to have access to this page and these offerings.
Before you begin
Be sure you know how to access the web interface controls before learning about each of the pages you'll encounter there.
About the Secure page
From the Secure page, you can access the:
- TLS Management tab, where you can add HTTPS to your domains for additional privacy and data security for services. You can either upload your own TLS certificates or have Fastly manage this for you.
- Edge Rate Limiting tab, where you can implement a rate limiting policy to control the rate of requests sent to your origin servers.
This feature is part of a limited availability release. For more information, see our product and feature lifecycle descriptions.
- DDoS mitigation tab, where you can contact us for help with a current threat or to protect a specific event. Fastly’s high-bandwidth globally distributed network was built with “always-on” DDoS mitigation designed to absorb DDoS attacks. If you currently have a sustained DDoS threat risk or a short term or seasonal event to protect, however, you can also purchase a DDoS Protection and Mitigation Service that provides additional Fastly resources to assist you with mitigating the service and financial impacts of DDoS and related attacks.
- Next-Gen WAF tab, where you can contact us for information on the Fastly Next-Gen WAF (powered by Signal Sciences). You can use a WAF to protect your applications from malicious attacks designed to compromise web servers.
- Legacy WAF tab, which lists the services where Fastly's WAF 2020 or original WAF products are enabled.
Security products note
No security product, such as a WAF or DDoS mitigation product, including those security services offered by Fastly, will detect or prevent all possible attacks or threats. As a subscriber, you should maintain appropriate security controls on all web applications and origins. The use of Fastly's security products do not relieve you of this obligation. As a subscriber, you should test and validate the effectiveness of Fastly's security services to the extent possible prior to deploying these services in production, continuously monitor their performance, and adjust these services as appropriate to address changes in your web applications, origin services, and configurations of the other aspects of your Fastly services.