2 months ago
hello! i discovered a new header "via1.1 varnish" being added to all my service API responses. what is it, and why is it there? i don't use varnish. (i assume it is related to the collaboration with fastly)
Pinned Solution
2 months ago
Hello,
your assumption is correct. railway moved all customer domains behind fastly on february 19-20 2026 as an emergency response to a series of ddos attacks that hit their infrastructure. fastly is now acting as a waf/proxy in front of all railway-hosted services platform-wide, which is why you're seeing that new header. you didn't do anything wrong, it's a railway infrastructure change
source: https://blog.railway.com/p/incident-report-february-19-2026
5 Replies
2 months ago
Varnish is an HTTP reverse proxy that works by caching frequently requested web pages as well as APIs. It's probably used somewhere, that's why you see its header in the response object.
darseen
Varnish is an HTTP reverse proxy that works by caching frequently requested web pages as well as APIs. It's probably used somewhere, that's why you see its header in the response object.
2 months ago
I understand, but why is it widely used on railway infrastructure? Isn't it bad practice to force a caching layer on a user's API calls without their knowledge or consent?
ctrlshifti
I understand, but why is it widely used on railway infrastructure? Isn't it bad practice to force a caching layer on a user's API calls without their knowledge or consent?
2 months ago
Hello,
your assumption is correct. railway moved all customer domains behind fastly on february 19-20 2026 as an emergency response to a series of ddos attacks that hit their infrastructure. fastly is now acting as a waf/proxy in front of all railway-hosted services platform-wide, which is why you're seeing that new header. you didn't do anything wrong, it's a railway infrastructure change
source: https://blog.railway.com/p/incident-report-february-19-2026
domehane
Hello, your assumption is correct. railway moved all customer domains behind fastly on february 19-20 2026 as an emergency response to a series of ddos attacks that hit their infrastructure. fastly is now acting as a waf/proxy in front of all railway-hosted services platform-wide, which is why you're seeing that new header. you didn't do anything wrong, it's a railway infrastructure change source: <https://blog.railway.com/p/incident-report-february-19-2026>
2 months ago
since railway now uses fastly by default, is it better to switch from cloudflare to fastly for my own edge layer to minimize latency via a single-provider network?
ctrlshifti
since railway now uses fastly by default, is it better to switch from cloudflare to fastly for my own edge layer to minimize latency via a single-provider network?
2 months ago
not worth switching for latency reasons yet. i think railway added fastly only for ddos protection, the cdn isn't live yet. so there's no single-provider edge layer benefit to gain right now. if you have no specific cloudflare rules you rely on, you can already turn off the cloudflare proxy, but wait until the cdn is fully rolled out before making any latency-based decisions
Status changed to Solved brody • 2 months ago