Cloud Platform

Varnish headers

Cloud Platform uses Varnish® caching to increase an application’s perceived performance for visitors. For more information about Varnish, see Using Varnish. Using developer tools integrated with your browser, you can examine the Varnish caching headers sent with each page and item request to see how Varnish caching is working with your application.

To examine what Varnish is doing (or not doing) on one of the pages in your application, examine the values of the Varnish cache headers for the page.

Varnish headers are appended by Cloud Platform and cannot be removed.

To view these headers, use one of the development tools available for your web browser to view a served web page’s Varnish headers. Your installed browser may already include a set of development tools that you can use. You can also run the following command from a command prompt:

curl -sSLIXGET urlname

The following are some of the headers you should see:




The amount of time the served item was in the cache, in seconds. If the age is zero, the item was not served from the Varnish cache.


The directives that must be applied by all caching mechanisms, from Varnish to the browser cache.

If the field has the value no-cache, must-revalidate, post-check=0 or pre-check=0, this item instructs any upstream proxy layers (such as Acquia load balancers or a CDN) to not cache. This header generally is used when Drupal page caching is disabled. Acquia recommends you verify this value is present on all of your website’s pages. If it is, enable caching, and consider using Acquia Purge for cache invalidation.


The web infrastructure application (currently nginx) that acts as a load balancer to serve the content.


The inbound HTTP request headers that need to be taken into account when caching a single URL. The most common example is Accept-Encoding – a header that browsers usually send to websites to indicate whether they want the returned page compressed using gzip or the deflate compression algorithm. This can prevent serving gzip-compressed pages from cache to older browsers that do not support it.


The web infrastructure application (currently Varnish) over which the request was sent.


The query strings that have been stripped from the URL, if any. For more information, see Stripping query strings in Varnish.


A response header added when a request is forwarded to PHP-FPM. If PHP-FPM was not needed to serve this request, this header is not added.


The Acquia environment that provides the page response. Usually prod, but could also include values such as dev or stage.


Either HIT or MISS depending on whether or not the item was served from the Varnish cache.


The number of times this object has been served from cache. Higher numbers indicate that this URL has received more visitors.


Similar to X-Cache, this header indicates the outcome of Drupal’s page cache with HIT or MISS values. A MISS value is not unusual here. For more information about Drupal cache MISS, see Varnish cache HITS and Drupal cache MISS.


The originating IP address for a request.


The software used to create the page. On Cloud Platform, this says Drupal along with the version number of Drupal core.


The two-letter ISO-3166–1 alpha-2 country code. Available only for Cloud Platform Enterprise and Site Factory subscriptions with dedicated load balancers. For more information, see Using GeoIP information.


The request ID for a given request. For more information, see Using HTTP request IDs.


Certain non-HTML static assets have cookie headers removed, and receive the HTTP request header X-Static-Asset: True. For more information, see Stripping cookies from static files.


Either allow or deny depending on whether or not the user has followed a link from Google, Facebook, or LinkedIn. To use the value of this header to construct a paywall or registration wall, see First Click Free support in Varnish.

Other headers

Varnish on Cloud Platform also contains headers that enable caching for some HTTP response codes, in infrastructure where this behavior is necessary. The header is:



Acquia strongly recommends against using these headers as they may compromise the stability of your website.

Your Acquia load balancers cache all HTTP 301 and HTTP 404 responses for a minimum of 15 minutes (configurable with max-age), which can prevent cache stampedes and general performance degradation during high-traffic scenario (such as load tests and DDOS attacks). However, caching behavior may be occasionally undesirable. You can set the response header to bypass this requirement, as shown in the following example:

X-Acquia-No-301-404-Caching-Enforcement: 1

Varnish will not cache the following HTTP responses:

  • HTTP status codes greater than or equal to HTTP 302 with the exception of HTTP 404.
    For example, Varnish will cache 200 OK responses.

  • Responses that return an invalid or negative max-age value.

  • HTTP methods other than GET and HEAD.

Caching HTTP HEAD responses

As REST and HEAD requests have become more popular, the need for these requests to be cacheable has increased. Any code responding to HTTP HEAD requests can now set a Cache-Control response header that Varnish will respect.

For more information about HEAD requests, see HEAD method on