Confirm Experience Protection

Provide an uninterrupted experience for your users.

Contributors: Whitney Meredith, Michelle Colón.

Discuss in our Forum Discuss in Slack

Experience Protection provides a seamless, uninterrupted experience for your users. Global CDN will serve a cached version of your page instead of displaying an error if the server is not responding and can't serve a new copy of the page. Global CDN will display the cached version even if it is stale cache (expired).

Confirm That Experience Protection Works

You can test how stale cache is served by comparing the header results of a page refresh when the site's Dev environment is live to the header results when Dev is in Maintenance Mode:

  1. Examine the headers through the command line:

    curl --head https://pantheon.io/docs
    HTTP/2 301
    content-type: text/html
    location: https://pantheon.io/docs/
    server: nginx
    strict-transport-security: max-age=31622400
    x-pantheon-styx-hostname: styx-fe2-a-5d96768699-vcdvh
    x-styx-req-id: b7b8d4d2-04d9-11ec-a467-9a05fab906d1
    cache-control: public, max-age=86400
    date: Tue, 24 Aug 2021 15:30:21 GMT
    x-served-by: cache-mdw17379-MDW, cache-ewr18124-EWR
    x-cache: HIT, HIT
    x-cache-hits: 1, 1
    x-timer: S1629819022.932985,VS0,VE1
    pantheon-trace-id: be58e6a03a904fbfa64515ee136ffd34
    vary: Cookie, Cookie
    age: 9654
    accept-ranges: bytes
    via: 1.1 varnish, 1.1 varnish
    content-length: 162

    Note the result for age or max-age.

  2. Navigate to the site's Dev environment and set the site to Maintenance Mode.

  3. Clear the cache from either the Advanced Page Cache module or from the Dashboard.

  4. cURL the site headers filtered for stale cache in a terminal:

    curl --head https://pantheon.io/docs | grep PContext-Resp-Is-Stale

    If the response headers include PContext-Resp-Is-Stale, the page has been successfully served from stale cache.

  1. Navigate to the page using Firefox or Chrome, and in the browser's developer tools open the Network tab.

  2. Find the response headers for the page or asset.

  3. Go to the site's Dev environment and set the site to Maintenance Mode.

  4. Clear the cache from either the Advanced Page Cache module or from the Dashboard.

  5. Go back to the page and Developer Tools, then refresh the page for the newest header responses.

    If the result includes PContext-Resp-Is-Stale, the page has been successfully served from stale cache.

You can check your NGINX or Fastly logs for any traffic anomalies or overages when you know what your site's cache currently looks like.

NGINX logs track all requests made to WordPress or Drupal, but do not include any requests that were served from the edge cache. You can use GoAccess to produce a compiled report on the most common requests, such as: 404s, user agents, etc.

Fastly log extracts can be requested from your Customer Success Engineer. Standard analytics include all pages requested, but will not include service calls and other traffic that does not load the tracking script.

Check your logs for:

  • Disproportionate patterns of requests and 404s indicate possible exploits.

  • Too many requests to the index paths may indicate a volumetric attack against the domain.

  • Heavy requests to administrative and login paths may indicate a generalized CMS exploit attempt.

  • Known exploit and excess traffic paths.

Adjust TTL to Determine Fresh vs. Stale Content

Your site’s CMS page-level caching must be correctly configured to take advantage of Experience Protection.

You can adjust the length of time before the site's cached content is considered stale by adjusting the time-to-live (TTL). Set the cache TTL to a value equal to or higher than 3700 seconds for best results:

  • Drupal steps to change your your CDN edge settings to serve stale content for a specific amount of time.

  • WordPress steps to change your your CDN edge settings to serve stale content for a specific amount of time.

Session-Style Cookies or NO_CACHE Cookies

You will bypass the cache and will not see cached content if you have session-style cookies set, or a NO_CACHE cookie set. For best results:

  1. Set the NO_CACHE cookie to persist longer than the site’s page cache (this includes logged in users and authenticated traffic).

Learn more about the exceptions to page caching rules in Caching: Advanced Topics.

More Resources