Skip to content

Cloudflare Cache Rules: Configuration and Best Practices — Complete Guide

DodaTech Updated 2026-06-23 4 min read

This tutorial covers Cloudflare Cache Rules — the modern replacement for Page Rules when it comes to Caching control. You will learn how to create cache rules that match URL patterns, set custom Time-To-Live values, bypass cache for specific paths, and apply best practices for different content types.

Why Cache Rules Matter

Default CDN Caching is a good start, but real-world applications need fine-grained control. Cache Rules let you define exactly what gets cached, for how long, and under what conditions. You can cache API responses for 30 seconds, HTML pages for 5 minutes, and static assets for 1 year — all with different rules. This granularity maximizes cache hit ratios while keeping dynamic content fresh.

Real-world use: Durga Antivirus Pro's threat intelligence API returns data that changes every 60 seconds. A Cache Rule sets TTL to 60 seconds for /api/threats/* paths, while static signature files at /signatures/* are cached for 7 days. Without Cache Rules, both would use the same default TTL of 2 hours.

Cache Rules Decision Flow

flowchart TD
  A[Incoming request] --> B{Matches cache rule?}
  B -->|No| C[Use default cache behavior]
  B -->|Yes| D[Apply rule actions]
  D --> E{Action type}
  E -->|Cache TTL| F[Set custom TTL]
  E -->|Bypass cache| G[Always fetch from origin]
  E -->|Cache key| H[Customize cache key]
  F --> I[Serve from edge]
  G --> J[Dynamic response]
  H --> I
  style D fill:#f90,color:#fff

Creating a Cache Rule

Rule 1: Cache Static Assets Long-Term

Versioned static assets should be cached as long as possible since their filenames change when content updates.

# Cache Rule configuration
# URL pattern: *.example.com/assets/*
# Cache status: Eligible for cache
# Edge TTL: 30 days (override origin)
# Browser TTL: 1 year
# Cache key: Include hostname + URL + scheme

curl -sI https://example.com/assets/logo.a1b2c3.png | grep -i "cf-cache-status"
# Expected output:
# cf-cache-status: HIT

Rule 2: Bypass Cache for Admin Paths

Admin dashboards and user-specific pages should never be cached.

# Cache Rule configuration
# URL pattern: *.example.com/admin/*
# Cache status: Bypass

curl -sI https://example.com/admin/settings | grep -i "cf-cache-status"
# Expected output:
# cf-cache-status: BYPASS

Rule 3: Short TTL for API Endpoints

API responses that change frequently need a short TTL to balance freshness with Caching benefits.

# Cache Rule configuration
# URL pattern: *.example.com/api/v2/products
# Cache status: Eligible for cache
# Edge TTL: 60 seconds

curl -sI https://example.com/api/v2/products | grep -i "cf-cache-status"
# First request:
# cf-cache-status: MISS

# Second request within 60 seconds:
# cf-cache-status: HIT

Cache Key Customization

The cache key determines what uniquely identifies a cached object. By default, Cloudflare uses the URL. You can customize the cache key to include query parameters, headers, or cookies.

# Default cache key: scheme + hostname + path + query string
# Example: https://example.com/page?lang=en&ref=home

# Customize to ignore tracking parameters:
# Cache key includes: scheme, host, path, query params: lang only
# Both URLs below resolve to the same cache entry:
# https://example.com/page?lang=en&ref=home
# https://example.com/page?lang=en&ref=social

Edge TTL vs Browser TTL

Understanding the difference between edge TTL (how long Cloudflare keeps the file) and browser TTL (how long the Visitor's browser keeps it) is critical.

# Edge TTL (Cloudflare edge cache)
# Browser TTL (visitor's local cache)
# 
# Best practice for static assets:
# Edge TTL: 30 days
# Browser TTL: 1 year
#
# The browser TTL can be longer because
# versioned filenames invalidate the cache
# when the file changes (breaking the URL).

Best Practices

Content Type Edge TTL Bypass? Reason
Versioned JS/CSS 30 days No Filename hash enables long cache
HTML pages 5 minutes No Content changes infrequently
Admin pages N/A Yes User-specific, must be fresh
API responses 60 seconds No Balances freshness with Caching
User avatars 7 days No Rarely change
Sitemap.xml 1 hour No Changes when new pages are added

FAQ

{{< faq "What is the difference between Cache Rules and Page Rules for Caching?">}} Cache Rules are the modern replacement for Page Rules Caching features. Cache Rules support more conditions, more actions, and are evaluated before Page Rules. Cloudflare recommends using Cache Rules for all new Caching configurations. {{< /faq >}}

Can Cache Rules override origin Cache-Control headers?

Yes. Cache Rules can override the origin's Cache-Control headers by setting an Edge TTL value. This gives you full control over Caching duration regardless of what your origin server sends.

How many Cache Rules can I create?

Free and Pro plans support 10 cache rules. Business plans have 50, and Enterprise plans have unlimited rules. Each rule can contain multiple conditions and actions.

Practice Questions

  1. Why should versioned static assets have a longer browser TTL than edge TTL?
  2. What is the purpose of customizing the cache key to ignore certain query parameters?
  3. When would you use the Bypass cache action instead of setting a short TTL?

Summary

Cloudflare Cache Rules give you precise control over Caching behavior per URL pattern. You can set custom TTLs, bypass cache entirely, or customize cache keys. Combining different rules for static assets, API endpoints, and admin paths maximizes cache hit rates while keeping dynamic content fresh. Cache Rules are the recommended approach for all Caching configuration on Cloudflare.

Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro — security-first tools for the modern web.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro