How to disable Last-Modified and ETag headers in a static website hosted on S3 + CloudFront

amazon s3amazon-cloudfrontcdn

Background: there are good reasons to want to disable Last-Modified and ETag headers for some website assets: to prevent browsers sending conditional requests (either using If-Modified-Since or If-None-Match, respectively). This is good because conditional requests are just a waste of a round trip for assets that have a version number or digest in the URL – i.e. when you've made a commitment that the URL will always serve the same content body forever. In this case it's often better to force a browser to go straight to its local cache on repeat visits.

My question: I want to host a static website with S3 and CloudFront. It will be fairly low-traffic, and I want it to be fast. But there's no obvious way to prevent these headers coming through to the client – you can't disable them on S3, nor configure CloudFront to strip them out.

Options I've considered:

  • put a proxy between S3 and CloudFront (on e.g. EC2) with the sole job of stripping out these headers
    • but for me this goes against the whole point of having a static site; I want to minimise moving parts
  • use a different CDN that allows you to strip headers (e.g. could do this with Fastly's VCL configuration)
    • but I really like CloudFront's zero minimum monthly spend, it makes it very cheap for a low-traffic site.

Is there anything else I could try?

Best Answer

...when you've made a commitment that the URL will always serve the same content body forever. In this case it's often better to force a browser to go straight to its local cache on repeat visits.

A browser (or other cache) will not visit the origin until it believes the content has expired. In your case, you would want to instead send the appropriate Cache-Control or Expires headers to indicate the longest possible cache time. That's the only way to create the commitment about the stability of the URL. Removing ETag and Last-Modified will increase the data being sent, not reduce. This is because without those headers, the browser and origin will be forced to refresh the entire content, rather than simply perform a light revalidation.

In the case of using a CDN, what you may instead be looking for is one that let's you override the Cache-Control and Expires headers that are delivered to the end user to indicate that they should cache the content indefinitely, even if the CDN needs to revalidate it. So it is in your interest if the CDN is able to re-validate the content based on the ETag and Last-Modified headers, regardless of what you advertise to the end client.

Related Topic