Table of contents of the article:
CloudFlare is a Content Delivery Network (CDN) system that offers a number of features to improve website performance and security. Among them, the reverse proxy feature is one of the most important as it hides the IP address of the original server and protects the website from DDoS attacks and other threats.
Furthermore, using CloudFlare as a reverse proxy you can benefit from its caching functionality: it allows you to save a copy of the requested resource on the CloudFlare servers, in order to avoid having to always make a request to the original server, thus improving the performance of the website, since it allows you to reduce latency and increase the page loading speed . However, understanding how CloudFlare's cache works and how to interpret status codes can be complex.
In this article, we will focus on one specific aspect of CloudFlare, namely cache status codes.
How CloudFlare works via reverse proxy.
CloudFlare's reverse proxy feature is based on NGINX, which allows you to hide the IP address of the original server and protect your website from DDoS attacks and other threats. However, recently CloudFlare has started a migration from NGINX reverse proxy to Pingora, an internal Cloudflare technology, for performance reasons. The goal of this migration is to provide greater flexibility and performance for handling requests, especially with regards to handling DDoS attacks.
A reverse proxy is a system that acts as an intermediary between the client and the original server. When a client makes a request, it is routed to the reverse proxy, which in turn forwards it to the original server. The reverse proxy then receives the response from the original server and forwards it to the client.
Answers cf-cache-status and what it means
The cf-cache-status response provided by CloudFlare is an important indicator to understand how the request was handled by the cache. There are several possible status codes, including HIT, MISS, EXPIRED, BYPASS, DYNAMIC and STALE, each of which indicates a specific situation. In this article, we're going to take a detailed look at what these status codes mean and how to interpret them to optimize website performance using CloudFlare.
CloudFlare status codes are a set of values that indicate the cache status of a request. These values are returned as part of the "cf-cache-status" HTTP header and can be used to understand how CloudFlare is handling requests to your site.
The most common values for the "cf-cache-status" header are:
- HIT: This indicates that the request was served from CloudFlare's cache. This means that CloudFlare saw the request and served it without forwarding it to your original server.
- MISS: This indicates that the request was not found in CloudFlare's cache and was therefore forwarded to your original server to be processed.
- EXPIRED: This indicates that the request was served from a resource in CloudFlare's cache, but that the resource has expired and needs to be updated by your original server.
- BYPASS: This indicates that CloudFlare has decided to bypass the cache for this request and forward it directly to your original server. This can happen in case of requests that cannot be cached, such as those made via POST method.
Also, there are other less common values like “DYNAMIC","STALE"And"UPDATE” which can indicate the cache status of the request in detail.
What does cf-cache-status:HIT mean?
The term HIT in CloudFlare's cf-cache-status response indicates that the request was serviced from CloudFlare's cache, i.e. CloudFlare used a copy of the resource present in its cache to service the request. This avoids forwarding the request to the original server, improving performance and reducing latency, i.e. Time To First Byte or TTFB.
When CloudFlare receives a request, it first checks its cache to see if a copy of the requested resource is already there. If the copy is present and still valid, CloudFlare uses it to service the request and returns a HIT response.
What does cf-cache-status: MISS mean?
The term MISS in CloudFlare's cf-cache-status response indicates that the request was not serviced from CloudFlare's cache and thus forwarded to the original server to obtain the requested resource. This can happen in several cases, for example when the resource is not present in the CloudFlare cache or when the copy present in the cache has expired. In these cases, CloudFlare will send the request to the original server and save a copy of the response in its cache for future requests. This helps reduce the load on the original server and improves performance for subsequent requests. The next time this resource is accessed, its status should be HIT.
What does cf-cache-status: EXPIRED mean?
The term EXPIRED in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource that is in CloudFlare's cache, but that copy has expired. This means that CloudFlare has used a copy of the asset that is in its cache, but that this copy is no longer valid because its validity period has expired. In this case, CloudFlare will send a new request to the original server to get an updated copy of the resource and save a copy of the response in its cache for future requests. This helps keep CloudFlare's cache up to date and ensures that requests are always served with the latest version of the resource.
What does cf-cache-status: BYPASS mean?
The term BYPASS in CloudFlare's cf-cache-status response indicates that the request was not serviced from CloudFlare's cache and was therefore forwarded to the original server to obtain the requested resource. This can happen for several reasons, for example:
- CloudFlare can be configured to bypass the cache for certain requests, such as those made by authenticated users or from specific IP addresses.
- The request can be of type POST, PUT, DELETE, i.e. request methods that cannot be managed by the cache.
- The resource can have a specific cache label that tells CloudFlare not to cache it
- The resource may have a short lifespan and therefore it would be inappropriate to cache it
Bypassing the CloudFlare cache means that the request is forwarded directly to the original server to obtain the requested resource, without using the copy present in the CloudFlare cache. This helps ensure that the request is always served with the latest version of the resource, but can impact performance since the request must be processed by the original server.
What does cf-cache-status: DYNAMIC mean?
The term DYNAMIC in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource present in CloudFlare's cache but this copy was generated dynamically. This means that CloudFlare used a copy of the resource that was in its cache, but this copy was dynamically generated at the time of the request, using a script or an application. This is used to manage dynamic content such as websites using PHP or user-based personalized content. In this case, CloudFlare uses the cache to avoid always processing the request through the script or application, but generates a copy dynamically only when needed. This improves performance and reduces latency, but requires more processing than static caching mode.
What does cf-cache-status: STALE mean?
The term STALE in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource in CloudFlare's cache, but this copy is no longer valid as its validity period has expired. In this case, CloudFlare uses the copy present in its cache, but at the same time sends a new request to the original server to get an updated copy of the resource. This allows the request to be served immediately using the cached copy, but also ensures that the cache is up-to-date with the latest version of the resource.
This is useful when you want to avoid showing an error for an unavailable page, but at the same time you want to have an up-to-date copy of the resource for future requests.
In general, using the “STALE” mode strikes a balance between performance and content freshness, but it depends on the specific needs of your website or application.
What does cf-cache-status: UPDATING mean?
The term UPDATING in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource in CloudFlare's cache, but that a new copy of the resource is currently being fetched from the original server to update the cache. In this case, CloudFlare will use the copy present in its cache to serve the current request, but at the same time it will send a new request to the original server to get an updated copy of the resource. This allows the request to be served immediately using the cached copy, but also ensures that the cache is updated with the latest version of the resource as soon as possible.
This UPDATING state is transient and subsequently the request will be served with one of the responses HIT, EXPIRED, STALE or MISS, depending on the configured cache settings.
Knowing these values and understanding how CloudFlare is handling requests to your site can help you optimize your account setup and improve your site's performance for visitors.
Conclusion
CloudFlare is an affordable and functional solution to improve website performance and security. Its caching and Content Delivery Network (CDN) functionality allows you to reduce latency and increase page loading speed. However, to get the maximum benefits from CloudFlare, it's important to make sure your caching is properly configured and efficient.
An important metric for assessing CloudFlare's cache efficiency is the HIT Ratio, i.e. the ratio of requests served from the cache (HIT) to those that must be forwarded to the original server (MISS). The higher the HIT Ratio, the higher the cache efficiency. A low HIT Ratio indicates that many requests need to be forwarded to the original server and therefore the cache is not configured correctly or is not efficient.
There is a crucial aspect that no one says, which is that although CloudFlare helps to lower the TTFB and latency for HIT-type requests, it tends to increase them for MISS-type requests or in any case all those that need to fetch the content from the origin server, adding the inverse latency needed to retrieve the content from the origin server and therefore adding both the geographic latency that the duration of the SSL handshake and the wait time for the origin server to generate a response.
To get the maximum benefits from CloudFlare, it is therefore important to constantly monitor the HIT Ratio and, if necessary, make changes to the cache configuration to improve efficiency. In addition, it is also important to monitor other performance indicators such as latency, number of requests and request status to have a complete picture of the functioning of the cache and your configuration.
Not sure how to properly configure CloudFlare cache to get the maximum performance of your website? Not sure if your current setup is optimized for your needs? Contact us! Our experts will help you better understand how CloudFlare cache works and configure it to get the maximum benefits for your website. With our advice, you will be able to increase the speed of your website, improve the user experience and protect your website from DDoS attacks.