Not able to cache static assets in cloudflare CDN

I’ve registered a new domain on Cloudflare which I’ve connected to a remix app hosted on But no files are beeing caches in the Cloudflare CDN and I can’t figure out why. Any tips on how to debug it? I’ve been struggeling a long time with this, reading docs and trying differnet settings, so any help would be usefull :slight_smile:

The domain I’ve registered is The javascript files have set Cache-Control: public, max-age=31536000, immutable, but the header Cf-Cache-Status gets the value DYNAMIC.
I also tried to add a rule to cache everything. Have set this to:*
Cache Level: Cache Everything

I’m currently on the Free plan.

I saw from another thread that I could be helpfull to run a curl command. The result is as following :
$ curl "" -svo /dev/null --ipv4 --connect-to ::x.x.x.x

* Connecting to hostname: x.x.x.x
*   Trying x.x.x.x:443...
* Connected to (nil) (x.x.x.x) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
*  CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
*  CApath: none
} [5 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [19 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [4207 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject:
*  start date: Sep 10 20:35:21 2023 GMT
*  expire date: Dec  9 20:35:20 2023 GMT
*  subjectAltName: host "" matched cert's ""
*  issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1P5
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
} [5 bytes data]
* h2h3 [:method: GET]
* h2h3 [:path: /build/_assets/global-2OGRYG6G.css]
* h2h3 [:scheme: https]
* h2h3 [:authority:]
* h2h3 [user-agent: curl/7.87.0]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x26099741e30)
} [5 bytes data]
> GET /build/_assets/global-2OGRYG6G.css HTTP/2
> Host:
> user-agent: curl/7.87.0
> accept: */*
{ [5 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* [CONN-0-0][CF-SSL] TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [238 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/2 200
< date: Mon, 11 Sep 2023 21:49:53 GMT
< content-type: text/css; charset=UTF-8
< cf-ray: 80531f881d101bfa-OSL
< cf-cache-status: DYNAMIC
< cache-control: public, max-age=31536000, immutable
< etag: W/"206-18a7ab9af40"
< last-modified: Sat, 09 Sep 2023 16:15:04 GMT
< vary: Accept-Encoding
< x-render-origin-server: Render
< server: cloudflare
< alt-svc: h3=":443"; ma=86400
{ [5 bytes data]
* Connection #0 to host (nil) left intact

Hi @pbruvoll
Since the site is hosted on, and they are also a Cloudflare customer, this is a SSL for SaaS setup where their settings override yours, and you will need to reach out to them to modify caching for your Custom Hostname you have with them.
Alternatively, you could also use o2o which allows you to modify settings on your zone but still use a SSL for SaaS provider:
How Orange-to-Orange (O2O) works · Cloudflare for Platforms docs
As you can read here (Status of Shopify O2O for non-Enterprise Cloudflare users - #12 by mike114), the o2o feature is not yet generally available for PayGo customers, but you can send an email to smarsh@ to enable this for you manually.

Thx, I’ll send a mail to smarsh