I've configured Apache under windows to enable cache like this
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule deflate_module modules/mod_deflate.so
ExpiresActive On
ExpiresDefault "access plus 3 days"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
<IfModule mod_headers.c>
# YEAR
<FilesMatch "\.(ico|gif|jpg|jpeg|png|flv|pdf)$">
Header set Cache-Control "max-age=29030400"
</FilesMatch>
# WEEK
<FilesMatch "\.(js|css|swf)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
# 45 MIN
<FilesMatch "\.(html|htm|txt)$">
Header set Cache-Control "max-age=2700"
</FilesMatch>
</IfModule>
When I try to open js file directly in browser (to test) by refreshing again and again then each time I get response status 200 with Firebug. Its not sending status "304 Not Modified". Have u any idea how can I achieve this. Following is the output of Firebug headers.
Response Header
Date Sat, 13 Aug 2011 01:18:15 GMT
Server Apache/2.2.19 (Win32) PHP/5.3.6
Last-Modified Sat, 13 Aug 2011 01:18:15 GMT
Etag W/"100000000171d-34f08-4aa5f022d9780"
Accept-Ranges bytes
Content-Length 216840
Cache-Control max-age=604800
Expires Tue, 16 Aug 2011 01:18:15 GMT
Keep-Alive timeout=5, max=100
Connection Keep-Alive
Content-Type application/javascript
Request Header
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-us,en;q=0.5
Accept-Encoding gzip, deflate
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection keep-alive
Cookie PHPSESSID=5k947khv1j27itd7mtp5evtg07
If-Modified-Since Sat, 13 Aug 2011 01:03:42 GMT
If-None-Match W/"100000000171d-34f08-4aa5f022d9780"
Cache-Control max-age=0
The request contains a if-modified-since-header:
Sat, 13 Aug 2011 01:03:42 GMT
But the response contains a last-modified-header with a time later than that:
Sat, 13 Aug 2011 01:18:15 GMT
..so the file has to be loaded again.
Try unsetting the last-modified-header: http://www.askapache.com/htaccess/apache-speed-last-modified.html
Related
I have a PHP script which includes a user panel. Inside this user panel there is some information such as their details, account balance, items assigned to their account.
While browsing through the user panel occasionally you will be randomly shown another users account page, but upon refresh it will go back to yours.
I originally thought that there was some sort of PHP session corruption going on, but I began logging all requests (IP of requestor + the user ID). From this I was able to determine that the PHP is never executed when another users account page is randomly/accidentally served. (There was never a log entry from my IP for the "random" account that showed up)
The website uses cloudflare, although I have added a page rule to disable caching for the entire client area.
I have added this which is output for every request made in the client area:
session_cache_limiter('private_no_expire:');
header("Cache-Control: no-store, no-cache, must-revalidate"); // HTTP/1.1
header("Cache-Control: post-check=0, pre-check=0", false);
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
header("Pragma: no-cache"); // HTTP/1.0
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
In my htaccess file I am using mod_expires with the following:
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access 1 year"
ExpiresByType image/jpeg "access 1 year"
ExpiresByType image/gif "access 1 year"
ExpiresByType image/png "access 1 year"
ExpiresByType text/css "access 1 month"
ExpiresByType application/pdf "access 1 month"
ExpiresByType text/x-javascript "access 1 month"
ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresByType text/html "access 0 seconds"
ExpiresDefault "access 1 month"
</IfModule>
At this point I have absolutely no idea what else I can do to prevent ISPs/Cloudflare from serving the cached version.
Does anyone have any ideas as to what could be causing a cached version of my user panel pages to be shown to users?
The response headers from an occasion where this has happened are bellow.
HTTP/2.0 200 OK
date: Wed, 27 Feb 2019 21:03:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
last-modified: Wed, 27 Feb 2019 21:03:29 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: HIT
x-server-powered-by: Engintron
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4afd99361e6e3b14-YVR
content-encoding: br
X-Firefox-Spdy: h2
Turns out it was Nginx micro caching causing the issue.
Added this and it fixed the issue:
if ($host ~ "portal.domain.com") {
set $CACHE_BYPASS_FOR_DYNAMIC 1;
set $CACHE_BYPASS_FOR_STATIC 1;
}
Earlier I have image with dimensions(675*774) and I updated the image with resolution 250*250 but still it's showing old image.
https://shop.olamsvi.com/pub/media/catalog/category/Picture1_2.png
When I load same Image with ?<random_number> updated image is showing with dimensions (250 * 250)
https://shop.olamsvi.com/pub/media/catalog/category/Picture1_2.png?22
I have deleted my browser cache and also checked in incognito.
Can any one tell what could be the issue.
Sorry for my bad English.
Apparently there is Varnish caching HTTP reverse proxy in front of your Apache server, which is serving the cached copy of the image (because it was configured to do so).
You can observe that from HTTP response headers:
$ curl -v -s https://shop.olamsvi.com/pub/media/catalog/category/Picture1_2.png -o file.png
* Trying 52.163.125.20...
* TCP_NODELAY set
* Connected to shop.olamsvi.com (52.163.125.20) port 443 (#0)
...
> GET /pub/media/catalog/category/Picture1_2.png HTTP/1.1
> Host: shop.olamsvi.com
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 04 Jun 2018 11:52:41 GMT
< Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips PHP/7.0.21
< Content-Length: 410771
< Accept-Ranges: bytes
< Access-Control-Allow-Origin: *
< X-Frame-Options: SAMEORIGIN
< X-Varnish: 41773
< Age: 0
< Via: 1.1 varnish (Varnish/5.2)
< X-Original-Content-Length: 561788
< Etag: W/"PSA-aj-giNrXrkKdK"
< Expires: Fri, 22 Mar 2019 05:53:09 GMT
< Cache-Control: max-age=25120827, public
< X-Content-Type-Options: nosniff
< Content-Type: image/png
<
{ [16384 bytes data]
* Connection #0 to host shop.olamsvi.com left intact
Not the Via: 1.1 varnish (Varnish/5.2) and Expires: Fri, 22 Mar 2019 05:53:09 GMT lines.
It is usually very beneficial to cache your static resources, but you should also think about the way how to invalidate it (and when to do it)
Please, can you see this answer?
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/x-icon "access plus 2592000 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 86400 seconds"
ExpiresByType application/x-javascript "access plus 86400 seconds"
</IfModule>
https://stackoverflow.com/a/13029007/4553685
Maybe it will help you
So set my vhost.conf file to have this Expires:
ExpiresActive On
ExpiresDefault "access plus 4 hours"
ExpiresByType application/javascript "access plus 10 years"
ExpiresByType application/x-javascript "access plus 10 years"
ExpiresByType text/javascript "access plus 10 years"
ExpiresByType text/html "access plus 1 hour"
ExpiresByType text/xml "access plus 1 hour"
ExpiresByType text/css "access plus 10 years"
ExpiresByType text/plain "access plus 1 hour"
ExpiresByType image/gif "access plus 10 years"
ExpiresByType image/jpg "access plus 10 years"
ExpiresByType image/jpeg "access plus 10 years"
ExpiresByType image/png "access plus 10 years"
ExpiresByType image/bmp "access plus 10 years"
ExpiresByType application/x-shockwave-flash "access plus 10 years"
I think it is working since the Response Headers are returning back a Cache-control set to the future:
Cache-Control max-age=315360000
Expires Sun, 04 Apr 2021 12:27:12 GMT
But I look at Firefox's Cache tab and it doesn't look pleasing
Last Modified Thu Apr 07 2011 20:27:08 GMT+0800 (Malay Peninsula Standard Time)
Last Fetched Thu Apr 07 2011 20:27:09 GMT+0800 (Malay Peninsula Standard Time)
Expires Sun Apr 04 2021 20:27:07 GMT+0800 (Malay Peninsula Standard Time)
Here's what's happening. Everytime I reload my website, the Last Modified header is always set to my current time. I didn't modify the files so why is it returning my current time?
It's a PHP script, the output of which was generated when you run the script, so the output has never existed before which means that the server couldn't attach a cache header to it.
You'll need to set the last modified time yourself with a header() call.
I am trying to set Expire header to 2 hours from access for text/html by using mod_expires like that:
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 2 hours"
ExpiresByType text/html "access plus 2 hours"
</IfModule>
However when used with PHP:
session_start();
Expires header is being reset to:
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Any ideas how to avoid that overwrite by session_start()?
OK, looks like have found an answer:
session_cache_limiter('public');
session_start();
does the trick, thanks.
Is it possible to avoid any connections from the browser at all if first response headers were set properly?
/* Caching control */
$age = 3600*24*30; // 30 days
header('Expires: ' . gmdate('D, d M Y H:i:s ', time() + $age) . 'GMT');
I have tried to setup this, but the request is reaching the server anyway.
I have found this:
The Expires header has the advantage that it's easy to implement; in most cases, however, unless you're a highly organized person, you won't know exactly when a given page on your site will be updated. Since the browser will only contact the server after the page has expired, there's no way to tell browsers that the page they've cached is out of date. In addition, you also lose some knowledge of the traffic visiting your web site, since the browser will not make contact with the server when it requests a page that's been cached.
The question is, why does Expires header I mentioned above is not working?
** Request Headers **
GET /ru/templates/bannerpartial HTTP/1.1
Host: 192.168.1.3
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.2.12) Gecko/20101026 AlexaToolbar/alxf-1.54 Firefox/3.6.12 FirePHP/0.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: ru-ru,ru;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: windows-1251,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: bla-bla-bla
Cache-Control: max-age=0
** Response headers **
HTTP/1.1 200 OK
Date: Tue, 09 Nov 2010 16:48:26 GMT
Server: Apache/2.2.14 (Unix) DAV/2 mod_ssl/2.2.14 OpenSSL/0.9.8l PHP/5.3.1 mod_apreq2-20090110/2.7.1 mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.1
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
Expires: Thu, 09 Dec 2010 16:48:26 GMT
Cache-Control: must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 118
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
It is simpler to use .htaccess file with these settings:
<ifModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 10 seconds"
ExpiresByType image/gif "access plus 31536000 seconds"
ExpiresByType image/jpeg "access plus 31536000 seconds"
ExpiresByType image/png "access plus 31536000 seconds"
ExpiresByType image/ico "access plus 86400 seconds"
ExpiresByType image/x-icon "access plus 86400 seconds"
ExpiresByType text/css "access plus 31536000 seconds"
ExpiresByType text/javascript "access plus 31536000 seconds"
ExpiresByType application/javascript "access plus 31536000 seconds"
ExpiresByType application/x-javascript "access plus 31536000 seconds"
ExpiresByType application/x-shockwave-flash "access plus 31536000 seconds"
<FilesMatch "\.(flv|gif|jpg|jpeg|png|ico)$">
Header set Cache-Control "max-age=31536000"
</FilesMatch>
AddType image/vnd.microsoft.icon .ico
ExpiresByType image/vnd.microsoft.icon "access plus 1 months"
</ifModule>
If it doesn't work, uncomment the below line in Apache's httpd.conf file (most of the hosted servers enable this module by default):
LoadModule expires_module modules/mod_expires.so
Expires header works only if you click on a link or select the browser's URL bar and press the Enter key. If you press the reload button (or press F5), the browser ignores the expires header and reloads the contents.
Try cache-control: max-age. See this guide for details: http://www.mnot.net/cache_docs/