Redirecting root domain to TLS



Currently and both redirect to As is now mostly served over https, and we have custom vcl to redirect back to http where appropriate, I would like http[s]:// to redirect to to save an additional roundtrip.

The redirect appears to happen before entering into our vcl as, when curling, none of our debug headers show up, so I guess it’s not something we can tackle within our vcl. I’m also nervous of using the force TLS option in the fastly dashboards because there are scenarios where we do wish to redirect back to http.

Is there some way I can configure fastly to redirect the root domain to https://www?


hi @wheresrhys,

You can set this up using a synthetic http redirect in your service configuration. I’ll include the documentation that provides the finer details, but the idea is as follows.

  1. Create a synthetic 301 Response
  2. Attach a condition that applies if the host header matches “
  3. Create a new Response Header with the following details
  4. Set the Destination to http.Location, and the Source to "" + req.url
  5. Lastly, attach a response condition that executes the above in the event that the host header matches “ft.comand the response status is a 301.

This will ensure that all requests to either or get redirected to

Feel free to shoot us an email at if you run into any troubles during implementation.