Purging Fastly CDN Cache When Using a WAF or BYOCDN

This article provides insight into how to configure cache purging for AEM as a Cloud Service when using a Web Application Firewall (WAF) or a custom Content Delivery Network solution (BYOCDN). Understanding how to navigate these complex setups is crucial for maintaining efficient content delivery.

Description description


  • Experience Cloud
  • Experience Manager 6.5
  • Experience Manager as a Cloud Service
  • Experience Manager Cloud Manager


For customers using AEM as a Cloud Service with an existing WAF or BYOCDN, purging cached content from Fastly requires specific configuration adjustments. This article outlines the necessary steps to ensure that cache purge requests are correctly processed through these additional layers.

Resolution resolution

By adhering to these guidelines, you can ensure that your AEM as a Cloud Service can efficiently manage cache purging, even when using additional security layers like a WAF or a personalized CDN setup.

  • Work directly with your WAF/BYOCDN provider to allow PURGE requests to pass through to Fastly.

  • When constructing a PURGE request, include critical headers that indicate the original host and authentication keys.
    Fastly uses the X-Forwarded-Host header to identify the cache entry to purge correctly.

  • A template for the PURGE request command might be as follows:

    code language-none
    curl -X PURGE "https://publish-p1234-e5467.adobeaemcloud.com/my/page" \
    -H 'X-AEM-Purge-Key: <your_purge_key>' \
    -H 'X-Forwarded-Host: <your_host>' \
    -H 'X-AEM-Edge-Key: <your_edge_key>'
  • Review Adobe’s documentation for further information on configuring your caching and CDN settings: