Guide

How to Bypass Fastly Bot Management (Next-Gen WAF) With Residential Proxies

Fastly's Next-Gen WAF, formerly Signal Sciences, scores your IP and NLX reputation, your request signals and rate, and a client-side challenge that fingerprints headless browsers. Here is what residential proxies fix and what you have to bring yourself.

HProxy Team · ·Updated July 18, 2026 ·7 min read
HProxy. Guide

Free proxies won't hold up here.

Shared datacenter IPs get flagged and dropped fast. When it has to hold, gaming, streaming, accounts, you need mobile and residential IPs that read as a real device, from $0.65/GB, pay as you go.

See plans & pricing

You can usually tell you have hit Fastly by the way the block reads. A request that pulled a clean 200 an hour ago now comes back as a 403, or the 406 Not Acceptable that Signal Sciences deployments often return, and swapping in a fresh proxy changes nothing. That last part is the tell: if a new IP does not move the block, the IP was never the only thing Fastly was reading. Fastly's Next-Gen WAF grew out of Signal Sciences, and it is not counting your requests the way a plain rate limiter does. It scores who you are from several angles, an IP and cross-customer reputation, the request signals and rate you generate at the edge, and, where Bot Management is enabled, a client-side challenge that fingerprints your browser, and your IP is one input out of several.

Can residential proxies get past Fastly?

Partly, and only for one of the things Fastly checks. Residential proxies fix the IP-reputation signal, which gets you off the datacenter ranges and the Network Learning Exchange lists that Fastly shares across its customer base. They do nothing for the request-shape signals Signal Sciences attaches to your traffic, and nothing for the client-side challenge that Bot Management uses to catch headless browsers. A clean IP behind a bare HTTP client still gets caught. You need all of it to line up.

What Fastly actually checks

Fastly is a CDN and edge platform, so its Next-Gen WAF sits inline in front of the origin. Detection comes in two layers, and the split matters for how you approach it.

IP and NLX reputation. Fastly reads the network that owns your address and its history, and its Network Learning Exchange shares confirmed-malicious source reputation across customers, so an IP burned scraping one Fastly site can arrive pre-flagged at the next. Fastly's own bot guidance notes that inventory-scraping bots can be identified through pre-identified bad IP ranges from sources like SANS. Datacenter ranges accumulate this reputation fast. This is the gate a proxy actually moves.

Request signals and rate. This is the Signal Sciences heritage, and it is what makes Fastly feel different from a signature WAF. Instead of matching a static payload list, it attaches named signals to requests, an anomalous header order, a scraper pattern, an abuse attempt, and rate-limits or alerts when a source crosses a threshold on those signals. Fastly's writing on telling good bot traffic from bad is about exactly this: reading suggestive signals rather than a single fingerprint. A scraper can trip this layer on behavior and rate before any JavaScript runs.

The client challenge and headless detection. Where Bot Management is enabled, Fastly adds a client-side layer. Client challenges require a visitor to prove they are a full browser rather than a script, and advanced client-side detection uses a JavaScript snippet you embed in the page to detect bots leveraging headless browsers such as headless Chrome. Passing sets a challenge-complete cookie (_fs_ch_cp), with a companion _fs_cd_cp cookie issued from your own domain. A client that never runs the challenge JavaScript never earns these, so it stays unproven.

Client fingerprint. Underneath both layers Fastly fingerprints the connection, including JA3 and JA4 TLS signatures, so a client whose handshake contradicts its User-Agent is flagged before the signals are even totted up.

Why a raw HTTP client trips Fastly

Point a plain requests or axios script at a Fastly-protected site and you lose on more than one layer at once. Its TLS fingerprint and header order feed the request signals as anomalous the moment the connection opens, and it has no JavaScript engine, so where Bot Management is on it never runs the challenge and never receives the _fs_ch_cp cookie. On top of that the rate and shape of a tight scraping loop is precisely the pattern Signal Sciences signals are built to catch. This is why rotating a datacenter pool against Fastly rarely helps: you keep changing the IP, which NLX reputation and signal-based rate limiting were designed to see through, while the request-shape signals and the missing challenge do the blocking.

Where residential proxies fit, and where they do not

Residential proxies route your traffic through real home connections on consumer ISPs, so the reputation signal flips from a flagged, NLX-listed hosting range to a neutral home line. Datacenter IPs lose at this gate first, which is why every serious attempt against Fastly starts with residential or mobile IPs. This is real, and it is the non-negotiable foundation.

What a proxy cannot do is change your request signals or answer the client challenge. The proxy forwards your bytes untouched. If those bytes carry a scraper's header order and a tight request rhythm, a residential IP just means Fastly signals a residential IP as a scraper. The mental model is the one behind all web scraping with proxies: the proxy makes your IP believable, and your request shape, your browser, and your pacing make the rest of you believable. Fastly scores them together.

Sticky sessions, not blind rotation

There is a rotation trap here too, the same shape as on Cloudflare and DataDome. Signal Sciences can rate-limit on identifiers beyond the raw IP, and NLX reputation follows the address, so blind per-request rotation mostly spreads your pattern across more IPs that can each pick up reputation. Once Bot Management is on, rotating also throws away the _fs_ch_cp cookie that vouches for your session. The winning pattern is the opposite of machine-gun rotation:

  • Sticky sessions per flow. Hold one residential or ISP IP for a whole browsing session so the challenge cookie, the IP, and the fingerprint stay consistent.
  • Rotate between flows, not inside them. New session, new identity, new IP.

A setup that actually gets through

The honest version has no single trick in it. Getting past a real Fastly deployment means lining up every signal, and proxies are one of them:

  1. Route through rotating residential or mobile IPs, with sticky sessions per flow. This clears the reputation and NLX gate that stops datacenter ranges first.
  2. Run a real browser where Bot Management is on. A hardened Playwright or Puppeteer, or an anti-detect browser, runs the client challenge and hides the headless tells the client-side detection looks for. A bare HTTP client cannot earn the _fs_ch_cp cookie.
  3. Send a full, correctly ordered header set and a TLS fingerprint that matches your User-Agent, so you stop feeding the anomalous-request signals that Signal Sciences keys on.
  4. Pace like a person, with randomized delays and modest per-IP volume, because the signal thresholds are watching rate and rhythm, not just the raw count.
  5. Persist cookies and session on the same sticky IP, so once you pass the challenge you stay passed.

Test before you scale

Before you point a real job at a defended target, prove one identity end to end. Confirm your exit is alive and residential with the proxy checker, then hit a fingerprint test endpoint and confirm your JA3 matches the browser you claim to be. If the IP is clean but the request still gets a 406, your header order, your rate, or your missing challenge is the problem, not the address. Testing one full identity tells you which signal is failing, which is the only way to fix the right thing instead of buying more proxies you did not need.

The honest bottom line

Fastly's Next-Gen WAF scores several things and reads them together: your IP and NLX reputation, the request signals and rate you generate at the edge, and, where Bot Management is on, a client-side challenge that fingerprints headless browsers. Residential proxies fix the reputation layer completely and are the foundation, since datacenter ranges never make it past the NLX and IP gate. But they do nothing for the request signals or the challenge. A clean rotating residential pool with sticky sessions gets you to the table; a real browser, a clean request shape, and human pacing are what let you stay. Our residential IPs start at $0.65/GB pay-as-you-go with no KYC and a balance that does not expire, which fits a job that runs in bursts. Anyone selling residential proxies as a one-click Fastly bypass is skipping most of the problem. Get all of it right and Fastly stops being a wall and becomes a checklist.

Sources

Frequently asked questions

Can residential proxies bypass Fastly's Next-Gen WAF?
Partly. Residential proxies fix the IP-reputation signal and get you off the datacenter ranges and the Network Learning Exchange lists that Fastly shares across its customers. But Fastly's heritage is Signal Sciences, which scores request signals and rate at the edge, and Fastly Bot Management adds a client-side challenge that fingerprints headless browsers. A clean residential IP behind a bare HTTP client still trips the request-shape signals and never earns the challenge cookie, so the IP is necessary and not sufficient.
What is Signal Sciences and how is it different from a normal WAF?
Signal Sciences is the product Fastly Next-Gen WAF grew out of. Instead of matching payloads against a static signature list, it attaches named signals to requests (things like an anomalous header order, a scraper pattern, or an abuse attempt) and rate-limits or alerts when a source crosses a threshold on those signals. That means it can flag a scraper on request behavior and rate even before any client-side JavaScript runs, which is why a fresh IP alone often does not move the block.
What is the Network Learning Exchange (NLX)?
NLX is Fastly's cross-customer threat intelligence. When one Signal Sciences customer confirms malicious traffic from an IP, that reputation is shared so other customers can act on it, which means an address burned scraping one Fastly site can arrive pre-flagged at the next. Datacenter ranges accumulate NLX reputation fast because they are reused heavily, and a clean residential IP is how you start off those lists rather than on them.
What are the _fs_ch_cp and _fs_cd_cp cookies?
They are the cookies Fastly Bot Management uses for its client challenge. The _fs_ch_cp challenge-complete cookie signals that a client has passed the challenge and access should be permitted, and the _fs_cd_cp cookie is issued from your own domain as part of the advanced client-side detection. A client that never runs the challenge JavaScript never receives these cookies, so it stays in the unproven bucket no matter how clean its IP is.
Does Fastly detect headless browsers?
Yes, when Bot Management's advanced client-side detection is enabled. Fastly documents a JavaScript snippet you embed in the page that detects bots leveraging headless browsers such as headless Chrome. So a stock Puppeteer or Playwright build on a perfect residential IP can still be caught by the client-side layer, which is exactly the automation tells (a webdriver flag, a headless build, missing browser context) that a proxy cannot touch.
Does rotating my IP on every request help against Fastly?
Not the way it helps against a plain rate limit. Signal Sciences can rate-limit on signals and identifiers other than the raw IP, and NLX reputation follows the address, so blind rotation mostly spreads your pattern across more flagged IPs. Once you pass the client challenge you also hold a challenge-complete cookie tied to that session, and rotating throws it away. Hold one sticky residential IP per flow and rotate between flows.

Proxies that don't die mid-job

Residential, ISP, datacenter and mobile, verified by the same engine that runs tens of millions of checks. They read as a real device and hold up under load. Pay as you go, and your balance never expires.

47M+ proxy checks run · 100+ countries · HTTP / HTTPS / SOCKS · re-checked every few minutes · no signup