CF doesn't respect to Origin Server Header

I have a page rule with Origin Cache Control and Cache Everything options. I send this cache control from my server:

cache-control: public, max-age=0, s-maxage=900

but CF returns:

cache-control: public, max-age=10800, s-maxage=900

Why does the CF not accept a value less than 10800 seconds for max-age?

You can check the origin response headers here:

HTTP/2 200
server: awselb/2.0
date: Sat, 05 Feb 2022 16:55:11 GMT
content-type: application/json
content-length: 23668
cache-control: public, max-age=0, s-maxage=900

And CF here:

HTTP/2 200
date: Sat, 05 Feb 2022 16:56:58 GMT
content-type: application/json
content-length: 23668
cache-control: public, max-age=10800, s-maxage=900
cf-cache-status: HIT
age: 51
last-modified: Sat, 05 Feb 2022 16:56:07 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri=""
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6d8dacd31c649030-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

P.S: The account type is Business.

Have you set any Browser Cache TTL under Caching - Configuration?

1 Like

Nope! I thought it would automatically respect it by using Origin Cache Control!

That’s interesting. Let’s see if @MVP has some ideas.

I use max-age 900 (one website) and 600 (other website) served by origin (for HTML), and a Page Rule is set with Origin Cache Control On and Cache Level: Cache Everything (despite one website is using Bypass on cookie in this combination), while Browser Cache TTL: Respect Existing Headers and Edge Cache TTL not used.

Check your origin for .json, does it serve some cache-control max-age for this specific MIME type? Is this JSON content/file a HTTP GET response? Was it generated by the PHP or?

I am not using s-maxage so far.

I’m not able to reproduce either, I have some “nearly dynamic” with a max-age=30 while most of the rest of the content in that directory is immutable and therefore has some excessively long cache time.

Works great, has for years.

The server is a AWS lambda (node.js) and the request is a HTTP GET. There is no default cache control on the origin server.

The server will only serve JSON content. This is an API server. I would like to have no client-side caching and a 15 minute edge cache.

It is interesting! I don’t see this option in my panel. Which types of accounts have access to this feature? I’m admin btw.

It shows up in my free and paid plans. It’s under Caching → Configuration:

Thank you for clarifying. I guess this option doesn’t help me. Since I need this option in a page rule. Are you aware of why CF overrides my original server cache control value?

I solved this problem with these headers:

    add_header           Surrogate-Control              "public, min-fresh=300, max-age=2419200, s-maxage=300";
    add_header           Cache-Control                  "public, min-fresh=300, max-age=2419200, s-maxage=300";
    add_header           Cloudflare-CDN-Cache-Control   "public, min-fresh=300, max-age=2419200, s-maxage=300";
    add_header           CDN-Cache-Control              300;
1 Like