How to set HTTP headers for cache-control

Question

How to enable browser caching for my site  Do I just put cache-control public somewhere up in my header like this    lt  DOCTYPE html PUBLIC  -  W3C  DTD XHTML 1 0 Transitional  EN      http   www w3 org TR xhtml1 DTD xhtml1-transitional dtd  Cache-Control public   gt    I am using the latest version of PHP developing on the latest version of XAMPP

User · Answer

The page at http   www askapache com htaccess apache-speed-cache-control html suggests using something like this          Add Cache-Control Headers      This goes in your root  htaccess file but if you have access to   httpd conf that is better    This code uses the FilesMatch directive and the Header directive to add Cache-Control Headers to certain files     480 weeks  lt FilesMatch     ico pdf flv jpg jpeg png gif js css swf    gt  Header set Cache-Control  max-age 290304000  public   lt  FilesMatch gt

User · Answer

This is the best  htaccess I have used in my actual website    lt ifModule mod gzip c gt  mod gzip on Yes mod gzip dechunk Yes mod gzip item include file   html  txt css js php pl   mod gzip item include handler  cgi-script  mod gzip item include mime  text    mod gzip item include mime  application x-javascript   mod gzip item exclude mime  image    mod gzip item exclude rspheader  Content-Encoding   gzip    lt  ifModule gt     Tweaks   Header set X-Frame-Options SAMEORIGIN     EXPIRES CACHING     lt IfModule mod expires c gt  ExpiresActive On ExpiresByType image jpg  access 1 year  ExpiresByType image jpeg  access 1 year  ExpiresByType image gif  access 1 year  ExpiresByType image png  access 1 year  ExpiresByType text css  access 1 month  ExpiresByType text html  access 1 month  ExpiresByType application pdf  access 1 month  ExpiresByType text x-javascript  access 1 month  ExpiresByType application x-shockwave-flash  access 1 month  ExpiresByType image x-icon  access 1 year  ExpiresDefault  access 1 month   lt  IfModule gt     EXPIRES CACHING      lt IfModule mod headers c gt      Header set Connection keep-alive      lt filesmatch     ico flv gif swf eot woff otf ttf svg    gt          Header set Cache-Control  max-age 2592000  public       lt  filesmatch gt       lt filesmatch     jpg jpeg png    gt          Header set Cache-Control  max-age 1209600  public       lt  filesmatch gt        css and js should use private for proxy caching https   developers google com speed docs best-practices caching LeverageProxyCaching      lt filesmatch     css    gt          Header set Cache-Control  max-age 31536000  private       lt  filesmatch gt       lt filesmatch     js    gt          Header set Cache-Control  max-age 1209600  private       lt  filesmatch gt       lt filesMatch     x html  php    gt          Header set Cache-Control  max-age 600  private  must-revalidate         lt  filesMatch gt   lt  IfModule gt

User · Answer

As I wrote is best to use the file  htaccess  However beware of the time you leave the contents in the cache   Use    lt FilesMatch     ico pdf flv jpg jpeg png gif js css swf    gt  Header set Cache-Control  max-age 604800  public   lt  FilesMatch gt    Where  604800   7 days  PS  This can be used to reset any header

User · Answer

The meta cache control tag allows Web publishers to define how pages should be handled by caches  They include directives to declare what should be cacheable  what may be stored by caches  modifications of the expiration mechanism  and revalidation and  reload controls   The allowed values are   Public - may be cached in public shared caches Private - may only be cached in private cache no-Cache - may not be cached no-Store - may be cached but not archived  Please be careful about case sensitivity  Add the following meta tag in the source of your webpage  The difference in spelling at the end of the tag is either you use            xml or      html        lt meta http-equiv  Cache-control  content  public  gt       lt meta http-equiv  Cache-control  content  private  gt       lt meta http-equiv  Cache-control  content  no-cache  gt       lt meta http-equiv  Cache-control  content  no-store  gt    Source-  MetaTags

User · Answer

OWASP recommends the following   Whenever possible ensure the cache-control HTTP header is set with no-cache  no-store  must-revalidate  private  and that the pragma HTTP header is set with no-cache    lt IfModule mod headers c gt      Header set Cache-Control  private  no-cache  no-store  proxy-revalidate  no-transform      Header set Pragma  no-cache   lt  IfModule gt

User · Answer

For Apache server  you should check mod expires for setting Expires and Cache-Control headers   Alternatively  you can use Header directive to add Cache-Control on your own   Header set Cache-Control  max-age 290304000  public

User · Answer

You can set the headers in PHP by using    lt  php     set headers to NOT cache a page   header  Cache-Control  no-cache  must-revalidate      HTTP 1 1   header  Pragma  no-cache      HTTP 1 0   header  Expires  Sat  26 Jul 1997 05 00 00 GMT       Date in the past      or  if you DO want a file to cache  use    header  Cache-Control  max-age 2592000      30days  60sec   60min   24hours   30days     gt    Note that the exact headers used will depend on your needs  and if you need to support HTTP 1 0 and or HTTP 1 1

User · Answer

To use cache-control in HTML  you use the meta tag  e g   lt meta http-equiv  quot Cache-control quot  content  quot public quot  gt   The value in the content field is defined as one of the four values below  Some information on the Cache-Control header is as follows  HTTP 1 1  Allowed values   PUBLIC   PRIVATE   NO-CACHE   NO-STORE  Public - may be cached in public shared caches  Private - may only be cached in private cache  No-Cache - may not be cached  No-Store - may be cached but not archived  The directive CACHE-CONTROL NO-CACHE indicates cached information should not be used and instead requests should be forwarded to the origin server  This  directive has the same semantics as the PRAGMA NO-CACHE  Clients SHOULD include both PRAGMA  NO-CACHE and CACHE-CONTROL  NO-CACHE when a no-cache request is sent to a server not known to be HTTP 1 1 compliant   Also see  EXPIRES  Note  It may be better to specify cache commands in HTTP than in META statements  where they can  influence more than the browser  but proxies and other intermediaries that may cache information

[http] How to set HTTP headers (for cache-control)?

Add Cache-Control Headers

Examples related to http

Examples related to browser-cache