Managing Static File Caching in PowerWAF
Introduction
Proper cache management is essential to fully benefit from a CDN like PowerWAF.
By storing static content across geographically distributed nodes, it reduces the load on the origin server and significantly improves website loading speed for end users.
PowerWAF automatically analyzes traffic patterns and applies smart caching rules by default to optimize performance with minimal setup. However, keeping a consistent cache strategy between the origin server and PowerWAF is crucial to ensure a fast, secure, and up-to-date user experience.
Configuring Static File Cache
PowerWAF respects HTTP cache headers set by the web server. Additionally, when no explicit cache policy is defined, PowerWAF applies a default behavior that favors performance for safe static assets.
This guide explains how to properly control caching of static files in your application.
How PowerWAF Interprets Cache Headers
When a response includes HTTP headers like Cache-Control, Expires, or Last-Modified, PowerWAF analyzes them to determine whether the file should be cached or not. The logic follows common browser behavior standards, ensuring compatibility and predictability.
Main headers PowerWAF considers:
| Header | Purpose |
|---|---|
Cache-Control | Main directive that defines caching rules (public, no-store, etc). |
Expires | Defines a specific expiration date/time for the cached content. |
Last-Modified | Indicates when the resource was last changed. |
If
Cache-Control: max-ageis present, it takes priority overExpires. If no cache headers are defined, PowerWAF may fall back toLast-Modified.
Examples of behavior:
Cache-Control: public→ ✅ Cached.Cache-Control: no-store→ ❌ Never cached.Cache-Control: no-cache→ ⚠️ Cached, but must revalidate with origin.Cache-Control: private→ ❌ Not cached by shared caches like PowerWAF’s CDN.Cache-Control: max-age=3600→ ✅ Cached for 1 hour.Cache-Control: must-revalidate→ ⚠️ Cached, but revalidation is mandatory after expiration.
If none of these headers are set, PowerWAF will apply default caching rules based on file type (see next section).
Default Behavior in PowerWAF
When no cache headers are present, PowerWAF applies a smart default strategy:
- Files with specific extensions are considered safe to cache and will be cached automatically.
- Static files with query ?v= parameter (e.g.
style.css?v=2) are treated as immutable and safe to cache. - For files with a
Last-Modifieddate but no explicit cache policy, PowerWAF uses a fallback heuristic based on the modification date.
Extensions cached by default:
avif, bmp, css, doc, docx, ejs, eot,
eps, gif, ico, jar, jpeg, jpg, js, mid,
midi, otf, pdf, pict, pls, png, ppt, pptx,
ps, svg, svgz, swf, tif, tiff, ttf, webp,
woff, woff2, xls, xlsx
Common Cache Settings
Cache-Control Directive | Cache Allowed? | Explanation |
|---|---|---|
public | ✅ Yes | Can be cached by browsers and shared caches (e.g. CDNs). |
private | ⚠️ Limited | Cached only by the user's browser. |
no-cache | ⚠️ With check | Must revalidate with server before reuse. |
no-store | ❌ No | Prevents any caching at all. Recommended for sensitive data. |
max-age=SECONDS | ✅ Yes | Defines how long the file can be cached without revalidation. |
must-revalidate | ⚠️ Yes, strict | Requires validation once expired. |
immutable | ✅ Yes | Indicates the file won’t change, allowing long-term caching. |
Allowing Caching
Why allow caching?
Enabling caching for static assets improves website performance and reduces load on your server. When caching is enabled, both the browser and PowerWAF’s integrated CDN can serve cached copies of files, reducing repeated requests to the origin.
This is especially useful for files that change infrequently (e.g. images, CSS, or versioned JS files like app.v3.js). It also improves scores on tools like Google PageSpeed.
✅ Recommended for: Images, fonts, stylesheets, and JavaScript files that change rarely.
Apache (.htaccess)
<FilesMatch "\.(jpg|jpeg|png|css|js|woff2?)$">
Header set Cache-Control "public, max-age=31536000, immutable"
</FilesMatch>
Nginx
location ~* \.(jpg|jpeg|png|css|js|woff2?)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
}
IIS (web.config)
<configuration>
<system.webServer>
<staticContent>
<clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="365.00:00:00" />
</staticContent>
<staticContent>
<mimeMap fileExtension=".css" mimeType="text/css" />
<mimeMap fileExtension=".png" mimeType="image/png" />
<mimeMap fileExtension=".jpg" mimeType="image/jpeg" />
</staticContent>
</system.webServer>
</configuration>
Preventing Caching
Why prevent caching?
In some cases, you want to ensure that browsers and PowerWAF’s CDN always fetch the latest version of a file. This is important when:
- Files change often but retain the same name
- Files contain personalized or sensitive data
- You need full control over each request
❌ Recommended for: Dynamic files, sensitive data, or unversioned frequently-updated files.
Apache (.htaccess)
<FilesMatch "\.(jpg|jpeg|png|css|js)$">
Header set Cache-Control "no-store, no-cache, must-revalidate"
Header set Pragma "no-cache"
Header set Expires "0"
</FilesMatch>
Nginx
location ~* \.(jpg|jpeg|png|css|js)$ {
add_header Cache-Control "no-store, no-cache, must-revalidate";
add_header Pragma "no-cache";
add_header Expires "0";
}
IIS (web.config)
Create a web.confg file in the folder where the files are located and add the following code:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<staticContent>
<clientCache cacheControlMode="DisableCache" />
<!-- Override MIME types to disable cache -->
<remove fileExtension=".pdf" />
<mimeMap fileExtension=".pdf" mimeType="application/pdf" />
<remove fileExtension=".jpg" />
<mimeMap fileExtension=".jpg" mimeType="image/jpeg" />
</staticContent>
</system.webServer>
</configuration>
Practical Examples
| File | Goal | Recommended Header Configuration |
|---|---|---|
logo.jpg | Cache for 1 year | public, max-age=31536000, immutable |
style.css?v=2 | Versioned static | Automatically cacheable by PowerWAF |
main.css | Prevent caching | no-store, no-cache, must-revalidate |
private-doc.pdf | Sensitive document | no-store |
custom.js no header | Depends on type | Cached by default if extension is .js |
After making any changes to the cache policy on the origin server, it is necessary to clear PowerWAF’s cache to ensure the updates are reflected correctly.
Best Practices
- If a file never changes, cache it with
max-ageandimmutable. - If it changes without a filename change, disable caching.
- If possible, version the file (e.g.
?v=3) to allow long-term caching with control. - PowerWAF will cache many file types by default. If you need different behavior, define headers explicitly.