January 15 2023

CloudFlare HTTP Status Codes cf-cache-status

Understand the CloudFlare cf-cache-status HTTP status codes to understand the correct functioning of the Cache.

Cloudflare CF Status Banner

CloudFlare is a Content Delivery Network (CDN) system that offers a number of features to improve website performance and security. Among them, the reverse proxy feature is one of the most important as it hides the IP address of the original server and protects the website from DDoS attacks and other threats.

Furthermore, using CloudFlare as a reverse proxy you can benefit from its caching functionality: it allows you to save a copy of the requested resource on the CloudFlare servers, in order to avoid having to always make a request to the original server, thus improving the performance of the website, since it allows you to reduce latency and increase the page loading speed . However, understanding how CloudFlare's cache works and how to interpret status codes can be complex.

In this article, we will focus on one specific aspect of CloudFlare, namely cache status codes.

How CloudFlare works via reverse proxy.

CloudFlare's reverse proxy feature is based on NGINX, which allows you to hide the IP address of the original server and protect your website from DDoS attacks and other threats. However, recently CloudFlare has started a migration from NGINX reverse proxy to Pingora, an internal Cloudflare technology, for performance reasons. The goal of this migration is to provide greater flexibility and performance for handling requests, especially with regards to handling DDoS attacks.

A reverse proxy is a system that acts as an intermediary between the client and the original server. When a client makes a request, it is routed to the reverse proxy, which in turn forwards it to the original server. The reverse proxy then receives the response from the original server and forwards it to the client.

Pingora Reverse Proxy Scheme

Answers cf-cache-status and what it means

The cf-cache-status response provided by CloudFlare is an important indicator to understand how the request was handled by the cache. There are several possible status codes, including HIT, MISS, EXPIRED, BYPASS, DYNAMIC and STALE, each of which indicates a specific situation. In this article, we're going to take a detailed look at what these status codes mean and how to interpret them to optimize website performance using CloudFlare.

cloudflare-cdn-header-cf-cache-status

CloudFlare status codes are a set of values ​​that indicate the cache status of a request. These values ​​are returned as part of the "cf-cache-status" HTTP header and can be used to understand how CloudFlare is handling requests to your site.

The most common values ​​for the "cf-cache-status" header are:

  • HIT: This indicates that the request was served from CloudFlare's cache. This means that CloudFlare saw the request and served it without forwarding it to your original server.
  • MISS: This indicates that the request was not found in CloudFlare's cache and was therefore forwarded to your original server to be processed.
  • EXPIRED: This indicates that the request was served from a resource in CloudFlare's cache, but that the resource has expired and needs to be updated by your original server.
  • BYPASS: This indicates that CloudFlare has decided to bypass the cache for this request and forward it directly to your original server. This can happen in case of requests that cannot be cached, such as those made via POST method.

Also, there are other less common values ​​like “DYNAMIC","STALE"And"UPDATE” which can indicate the cache status of the request in detail.

What does cf-cache-status:HIT mean?

The term HIT in CloudFlare's cf-cache-status response indicates that the request was serviced from CloudFlare's cache, i.e. CloudFlare used a copy of the resource present in its cache to service the request. This avoids forwarding the request to the original server, improving performance and reducing latency, i.e. Time To First Byte or TTFB.

When CloudFlare receives a request, it first checks its cache to see if a copy of the requested resource is already there. If the copy is present and still valid, CloudFlare uses it to service the request and returns a HIT response.

What does cf-cache-status: MISS mean?

The term MISS in CloudFlare's cf-cache-status response indicates that the request was not serviced from CloudFlare's cache and thus forwarded to the original server to obtain the requested resource. This can happen in several cases, for example when the resource is not present in the CloudFlare cache or when the copy present in the cache has expired. In these cases, CloudFlare will send the request to the original server and save a copy of the response in its cache for future requests. This helps reduce the load on the original server and improves performance for subsequent requests. The next time this resource is accessed, its status should be HIT.

What does cf-cache-status: EXPIRED mean?

The term EXPIRED in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource that is in CloudFlare's cache, but that copy has expired. This means that CloudFlare has used a copy of the asset that is in its cache, but that this copy is no longer valid because its validity period has expired. In this case, CloudFlare will send a new request to the original server to get an updated copy of the resource and save a copy of the response in its cache for future requests. This helps keep CloudFlare's cache up to date and ensures that requests are always served with the latest version of the resource.

What does cf-cache-status: BYPASS mean?

The term BYPASS in CloudFlare's cf-cache-status response indicates that the request was not serviced from CloudFlare's cache and was therefore forwarded to the original server to obtain the requested resource. This can happen for several reasons, for example:

  • CloudFlare can be configured to bypass the cache for certain requests, such as those made by authenticated users or from specific IP addresses.
  • The request can be of type POST, PUT, DELETE, i.e. request methods that cannot be managed by the cache.
  • The resource can have a specific cache label that tells CloudFlare not to cache it
  • The resource may have a short lifespan and therefore it would be inappropriate to cache it

Bypassing the CloudFlare cache means that the request is forwarded directly to the original server to obtain the requested resource, without using the copy present in the CloudFlare cache. This helps ensure that the request is always served with the latest version of the resource, but can impact performance since the request must be processed by the original server.

What does cf-cache-status: DYNAMIC mean?

The term DYNAMIC in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource present in CloudFlare's cache but this copy was generated dynamically. This means that CloudFlare used a copy of the resource that was in its cache, but this copy was dynamically generated at the time of the request, using a script or an application. This is used to manage dynamic content such as websites using PHP or user-based personalized content. In this case, CloudFlare uses the cache to avoid always processing the request through the script or application, but generates a copy dynamically only when needed. This improves performance and reduces latency, but requires more processing than static caching mode.

What does cf-cache-status: STALE mean?

The term STALE in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource in CloudFlare's cache, but this copy is no longer valid as its validity period has expired. In this case, CloudFlare uses the copy present in its cache, but at the same time sends a new request to the original server to get an updated copy of the resource. This allows the request to be served immediately using the cached copy, but also ensures that the cache is up-to-date with the latest version of the resource.

This is useful when you want to avoid showing an error for an unavailable page, but at the same time you want to have an up-to-date copy of the resource for future requests.

In general, using the “STALE” mode strikes a balance between performance and content freshness, but it depends on the specific needs of your website or application.

What does cf-cache-status: UPDATING mean?

The term UPDATING in CloudFlare's cf-cache-status response indicates that the request was served by a copy of the resource in CloudFlare's cache, but that a new copy of the resource is currently being fetched from the original server to update the cache. In this case, CloudFlare will use the copy present in its cache to serve the current request, but at the same time it will send a new request to the original server to get an updated copy of the resource. This allows the request to be served immediately using the cached copy, but also ensures that the cache is updated with the latest version of the resource as soon as possible.

This UPDATING state is transient and subsequently the request will be served with one of the responses HIT, EXPIRED, STALE or MISS, depending on the configured cache settings.

Knowing these values ​​and understanding how CloudFlare is handling requests to your site can help you optimize your account setup and improve your site's performance for visitors.

Conclusion

CloudFlare is an affordable and functional solution to improve website performance and security. Its caching and Content Delivery Network (CDN) functionality allows you to reduce latency and increase page loading speed. However, to get the maximum benefits from CloudFlare, it's important to make sure your caching is properly configured and efficient.

An important metric for assessing CloudFlare's cache efficiency is the HIT Ratio, i.e. the ratio of requests served from the cache (HIT) to those that must be forwarded to the original server (MISS). The higher the HIT Ratio, the higher the cache efficiency. A low HIT Ratio indicates that many requests need to be forwarded to the original server and therefore the cache is not configured correctly or is not efficient.

There is a crucial aspect that no one says, which is that although CloudFlare helps to lower the TTFB and latency for HIT-type requests, it tends to increase them for MISS-type requests or in any case all those that need to fetch the content from the origin server, adding the inverse latency needed to retrieve the content from the origin server and therefore adding both the geographic latency that the duration of the SSL handshake and the wait time for the origin server to generate a response.

tls-ssl-handshake

To get the maximum benefits from CloudFlare, it is therefore important to constantly monitor the HIT Ratio and, if necessary, make changes to the cache configuration to improve efficiency. In addition, it is also important to monitor other performance indicators such as latency, number of requests and request status to have a complete picture of the functioning of the cache and your configuration.

Not sure how to properly configure CloudFlare cache to get the maximum performance of your website? Not sure if your current setup is optimized for your needs? Contact us! Our experts will help you better understand how CloudFlare cache works and configure it to get the maximum benefits for your website. With our advice, you will be able to increase the speed of your website, improve the user experience and protect your website from DDoS attacks.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.

0256569681

Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.

INFORMATION

Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

JUST A MOMENT !

Would you like to see how your WooCommerce runs on our systems without having to migrate anything? 

Enter the address of your WooCommerce site and you will get a navigable demonstration, without having to do absolutely anything and completely free.

No thanks, my customers prefer the slow site.
Back to top