Access Control Lists

These articles describe how to restrict access to resources by whitelisting or blacklisting IP addresses with Access Control Lists (ACLs).

About ACLs

Malicious actors can present themselves in a variety of ways on the internet. Automated tools can scrape information from your website, bots can probe your application for vulnerabilities, and hackers can exploit them. If you detect threats like these, you may want to use an ACL to prevent the offending IP addresses from ever accessing your information resources again. An ACL is a list of permissions that Varnish uses to grant or restrict access to URLs within your services.

Ways of creating ACLs

There are two ways of creating ACLs for your Fastly services. You can use Edge ACLs to programmatically create and manipulate ACLs with the Fastly API, or you can manually create the ACL in VCL and upload it:

Additional Resources

Back to Top