Case Study: Python Software Foundation secures PyPI and delivers fast, reliable package access with Fastly

Python secures PyPI with Fastly handling 100,000 requests per second

The Python Software Foundation (PSF) faced the challenge of securing its Python Package Index (PyPI), a critical service for the open-source community, against sophisticated threats like account takeover attempts and automated scraping. With a small infrastructure team and an immense traffic load of 100,000 requests per second, PSF needed a way to maintain availability for legitimate users while gaining visibility into attack patterns. They turned to Fastly and its Next-Gen WAF for a solution.

Fastly's solution provided PyPI with robust security and massive scalability. By handling nearly 100,000 requests per second and achieving a 98-99% cache hit rate, Fastly dramatically reduced the load on PSF's backend. The integration of Fastly's Next-Gen WAF and features like real-time purging and observability tools allowed PSF to filter malicious traffic without impacting performance for legitimate developers. This partnership enabled PSF to sustain its service without a significant cost increase while preparing for future supply chain security threats.

Python