Advanced Caching Strategies
By the end of this lesson you will understand how to use Cache Rules for granular control, Tiered Caching for cache efficiency, and how to safely bypass cache for dynamic content.
The Caching Hierarchy
Cloudflare's default caching (Module 3) is a great start, but advanced applications need more control. The Ruleset Engine (Module 9) provides Cache Rules, which replace Page Rules as the modern way to manage caching.
flowchart TD
REQ["Incoming Request"] --> RULES["Cache Rules\n(Evaluate conditions)"]
RULES -->|"Match"| ACTION["Apply Action\n(TTL, Bypass, Key)"]
RULES -->|"No Match"| DEFAULT["Default Behavior\n(Static Assets Only)"]
ACTION --> EDGE_CACHE["Edge Cache"]
DEFAULT --> EDGE_CACHE
style RULES fill:#f6821f,color:#fff,stroke:#e5711e
style EDGE_CACHE fill:#2563eb,color:#fff,stroke:#1e40af
Cache Rules (The Modern Way)
Cache Rules let you define caching behavior based on any condition (path, cookie, header, IP, etc.).
| Setting | Action | Description |
|---|---|---|
| Edge TTL | How long Cloudflare caches | Overrides Cache-Control from your origin |
| Browser TTL | How long visitors cache | Overrides Cache-Control for the user's browser |
| Bypass Cache | ❌ Never cache | Useful for /admin, /api/user, or authenticated data |
| Cache Deception | 🛡️ Security | Prevents attackers from tricking the cache into storing private info |
Example: Cache an API Path for 1 Hour
| Setting | Value |
|---|---|
| When | URI Path starts with /api/v1/public-data |
| Eligibility | Eligible for cache |
| Edge TTL | Override to 3600 seconds |
Example: Bypass Cache for Authenticated Users
| Setting | Value |
|---|---|
| When | Cookie contains session_id |
| Action | Bypass cache |
Always bypass cache for sensitive pages (dashboards, account settings, payment flows). Caching private user data is a major security risk.
Tiered Caching (Free)
Tiered Caching reduces origin server load by designating certain Cloudflare PoPs to act as "upper tiers" for others. Instead of every PoP fetching from your origin, they fetch from a regional hubPoP first.
flowchart LR
Origin["Your Origin Server"] --- Hub["Upper Tier PoP\n(Regional Hub)"]
Hub --- Edge1["PoP 1 (User A)"]
Hub --- Edge2["PoP 2 (User B)"]
Hub --- Edge3["PoP 3 (User C)"]
style Origin fill:#6b7280,color:#fff,stroke:#4b5563
style Hub fill:#7c3aed,color:#fff,stroke:#6d28d9
| Type | Availability | Best For |
|---|---|---|
| Smart Tiered Caching | Pro/Bus/Ent | Cloudflare automatically finds the best path |
| Generic Tiered Caching | Free | Standard topology — still highly effective |
Enable this under Caching → Tiered Caching → Topology: Generic.
Cache Reserve (Paid)
For high-traffic sites with large asset libraries, Cache Reserve acts as a giant, persistent cache layer using Cloudflare R2. This ensures that even infrequently accessed files stay in the Cloudflare cache for long periods, rather than being "evicted" to save space.
| Feature | Edge Cache | Cache Reserve | Origin |
|---|---|---|---|
| Speed | Instant (<10ms) | Fast (~100ms) | Slow (300ms+) |
| Price | Free | 💰 Storage-based | 💰 Bandwidth-based |
| Retention | Volatile (evicts often) | Persistent | Permanent |
Key Takeaways
- Cache Rules are the modern, granular way to manage caching (up to 10 free).
- Always bypass cache for cookies or paths that contain private user data.
- Tiered Caching (Generic) is free and significantly reduces origin load.
- Use Smart Tiered Caching (Paid) for even better performance and path optimization.
- Always test cache rules in staging to ensure sensitive data isn't accidentally cached globally.
What's Next
- Continue to Strategy and Architecture to design your edge-first application.