What does cf-cache-status: BYPASS mean?


I’m trying to cache static html from my origin server. I have made a rule for www.mydomain.xxx/* ; set it to Cache Everything, Origin Cache Control is ON.

When i make a request, i see in the response header this: “cf-cache-status: BYPASS” despite the fact that my origin sets this as a header “cache-control: public, max-age=86400”. There is something obvious i’m missing so i’d appreciate any hints.

I also tried consulting this https://support.cloudflare.com/hc/en-us/articles/200168266-What-do-the-various-Cloudflare-cache-responses-HIT-Expired-etc-mean-, but there’s no mention of BYPASS header.


Weird. I have a Bypass Cache rule set for my login, and I don’t see a BYPASS header. Actually, no Cache-Status at all.

You wouldn’t happen to have some other Page Rule with a Bypass, would you?


Nope, my rules are as follow:

1, www.mydomain.xxx/wp-content/*
2, static.mydomain.xxx/*
(both Cache Everything, Edge Cache TTL: 7 days)
3rd www.mydomain.xxx/*
Cache everything, Origin Cache Control: ON

i even tried moving the problematic rule to the top to no avail. If i turn the origin cache control OFF, i get Cf Status: MISS all the time though.


I’m stumped. Maybe a Support Ticket is in order. I’d love to hear why this is happening.

  1. What if you use a more specific Match URL, just for testing? Match static.mydomain.xxx/testpage.html
  2. A “MISS” should turn into a HIT after a few visits. This isn’t happening?


Yeah, i just tried that and it works with the 3rd rule; i get headers like this:

cache-control: public, max-age=86400
cf-cache-status: HIT


Oh i think i just figured out, it’s probably because of cookies… If the server sets cookies it does not get cached and you get BYPASS header value.

I tried to make two locations in nginx conf - one just serves the static html & second servers the same file, but adds a bogus cookie. The first is cached and i get HIT, the second gets BYPASS


Are you using a Business or Enterprise plan? That sounds like Bypass on Cookies. I can’t readily find documentation on this, but I know it exists on the upper plans.

Oh, here it is, farther down the page:


No i’m not sadly, that’s the $200 dollar feature. Yeah i have read that, but i think that gives you option to cache or not cache when there is or is not a cookie present.

I thought that Cache Everything meant Cache Everything (regardless of cookies), apparently Cache Everything means Cache unless there is a cookie.


I guess that makes sense. If a Cookie is set, it’s probably for a specific user and you don’t want that stuff cached.

So…how/why are your static pages setting cookies?


it’s a wordpress site and i’m trying to accelerate the first page load (for instance when a user clicks on a banner).

The cookies are actually quite relevant for the target audience because they store things like currency or language (which are derived from a query param included in the banner link).

I think i can try to strip them and add them later, or just come up with something different.

closed #11

This topic was automatically closed after 14 days. New replies are no longer allowed.