Das ist mein Ergebnis aus dem Tool vom Firefox. Im Backend war ich nicht eingeloggt. Sieht deinem Ergebnis ziemlich ähnlich. Contao ist mit Version 4.9.3 aktuell.
Code:
HTTP/2 200 OK
date: Wed, 20 May 2020 09:59:29 GMT
server: Apache
contao-merge-cache-control: 1
cache-control: max-age=3600, private
vary: Cookie,Accept-Encoding,User-Agent
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
contao-cache: miss
age: 0
strict-transport-security: max-age=31536000
cache-control: max-age=0
expires: Wed, 20 May 2020 09:59:29 GMT
content-encoding: br
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
Woran erkennst du denn, ob was aus dem Cache kommt und was nicht? "cache-control: max-age=3600, private" sieht für mich nach den 60 Minuten Private-Cache aus. Weiter unten ist noch "cache-control: max-age=0". Soll das der Server-Cache sein? Sorry, habe nicht wirklich Ahnung von dem Thema, bin aber mit Interesse dabei
Kann die htaccess vielleicht etwas damit zu tun haben? Habe aus älterer htaccess ein paar Sachen übernommen und vor kurzem auf raten von Google Pagespeed, GTmetrix und Konsorten noch etwas an den "ExpiresByType"-Werten gefeilt. Nicht, dass etwas dazwischen funkt oder eine Fehlkonfiguration irgendwo anders besteht.
Code:
##
# Configs Server
##
#AddHandler php56-cgi .php
php_value memory_limit 512M
php_value max_execution_time 600
AddDefaultCharset UTF-8
php_value session.save_path /www/htdocs/w012345/tmp/
###
<IfModule mod_headers.c>
# Allow access from all domains for webfonts (see contao/core-bundle#528)
<FilesMatch "\.(ttf|ttc|otf|eot|woff2?|font\.css)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
##
# Disable ETags
# @see http://developer.yahoo.com/performance/rules.html#etags
##
FileETag None
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
##
# Set the proper MIME types
# @see https://github.com/h5bp/html5-boilerplate
##
<IfModule mod_mime.c>
AddType application/javascript js jsonp
AddType application/json json
AddType audio/ogg oga ogg
AddType audio/mp4 m4a f4a f4b
AddType video/ogg ogv
AddType video/mp4 mp4 m4v f4v f4p
AddType video/webm webm
AddType video/x-flv flv
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf ttc
AddType font/opentype otf
AddType application/x-font-woff woff woff2
AddType image/x-icon ico
AddType image/webp webp
AddType text/cache-manifest appcache manifest
AddType text/x-component htc
AddType application/xml rss atom xml rdf
AddType application/x-web-app-manifest+json webapp
AddType text/x-vcard vcf
AddType application/x-shockwave-flash swf
</IfModule>
##
# Gzip compression
# @see https://github.com/h5bp/html5-boilerplate
##
<IfModule mod_deflate.c>
<IfModule mod_filter.c>
AddOutputFilterByType DEFLATE text/html text/plain text/css application/json
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE text/xml application/xml text/x-component
AddOutputFilterByType DEFLATE application/xhtml+xml application/rss+xml application/atom+xml
AddOutputFilterByType DEFLATE image/x-icon image/svg+xml application/vnd.ms-fontobject application/x-font-ttf font/opentype
</IfModule>
</IfModule>
##
# Expires headers (for better cache control)
# @see https://github.com/h5bp/html5-boilerplate
##
<IfModule mod_expires.c>
ExpiresActive on
##
# Productional website
##
ExpiresByType text/cache-manifest "access plus 0 seconds"
ExpiresByType text/html "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/jpg "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
ExpiresByType text/x-component "access plus 1 month"
ExpiresByType application/x-font-ttf "access plus 1 month"
ExpiresByType font/opentype "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/javascript "access plus 1 month"
#ExpiresByType text/css "access plus 1 year"
#ExpiresByType application/javascript "access plus 1 year"
##
# Disable caching during development
# @see https://github.com/contao/core/issues/4364
##
#ExpiresByType text/cache-manifest "access"
#ExpiresByType text/html "access"
#ExpiresByType text/xml "access"
#ExpiresByType application/xml "access"
#ExpiresByType application/json "access"
#ExpiresByType application/rss+xml "access"
#ExpiresByType application/atom+xml "access"
#ExpiresByType image/gif "access"
#ExpiresByType image/png "access"
#ExpiresByType image/jpeg "access"
#ExpiresByType image/x-icon "access"
#ExpiresByType video/ogg "access"
#ExpiresByType audio/ogg "access"
#ExpiresByType video/mp4 "access"
#ExpiresByType video/webm "access"
#ExpiresByType text/x-component "access"
#ExpiresByType application/x-font-ttf "access"
#ExpiresByType font/opentype "access"
#ExpiresByType application/x-font-woff "access"
#ExpiresByType image/svg+xml "access"
#ExpiresByType application/vnd.ms-fontobject "access"
#ExpiresByType text/css "access"
#ExpiresByType application/javascript "access"
</IfModule>
##
# Header adjustments
##
<IfModule mod_headers.c>
##
# Disable caching during development
# @see https://github.com/contao/core/issues/4364
##
#Header unset Cache-Control
#Header append Cache-Control must-revalidate
##
# Do not cache the cron.txt file
# @see https://github.com/contao/core/issues/5105
##
<FilesMatch "cron\.txt$">
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform"
</FilesMatch>
##
# Add a Vary Accept-Encoding header for the compressed resources. If you
# modify the file types above, make sure to change them here accordingly.
# @see http://developer.yahoo.com/performance/rules.html#gzip
#
# Note: If you are using a case-sensitive file system like HFS+ or ext4, you
# have to change the <FilesMatch> directive as follows:
#
# <FilesMatch "\.(?i:js|css|xml|gz|svgz)$">
#
# For more information see: https://github.com/contao/core/issues/4364
##
<FilesMatch "\.(js|css|xml|gz|svgz)$">
Header append Vary Accept-Encoding
</FilesMatch>
##
# Do not cache source map files
# @see https://github.com/contao/core/issues/8532
##
<FilesMatch "\.map$">
Header set Expires "0"
Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform"
</FilesMatch>
</IfModule>
##
# Disable MultiViews if you are having issues with requests returning the wrong
# page. Requires AllowOverride Options=All,MultiViews to be set here.
# @see https://github.com/contao/core/issues/3521
##
#Options -MultiViews
<IfModule mod_rewrite.c>
RewriteEngine On
# Determine the RewriteBase automatically and set it as environment variable.
# If you are using Apache aliases to do mass virtual hosting or installed the
# project in a subdirectory, the base path will be prepended to allow proper
# resolution of the app.php file and to redirect to the correct URI. It will
# work in environments without path prefix as well, providing a safe, one-size
# fits all solution. But as you do not need it in this case, you can comment
# the following 2 lines to eliminate the overhead.
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
# Sets the HTTP_AUTHORIZATION header removed by Apache
RewriteCond %{HTTP:Authorization} .
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
##
# Uncomment the following lines to add "www." to the domain:
#
# RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
# RewriteRule (.*) http://www.example.com/$1 [R=301,L]
#
# Uncomment the following lines to remove "www." from the domain:
#
RewriteCond %{HTTP_HOST} ^www\.example\.de$ [NC]
RewriteRule (.*) http://example.de/$1 [R=301,L]
#
# Make sure to replace "example.com" with your domain name.
##
##
# If you cannot use mod_deflate, uncomment the following lines to load a
# compressed .gz version of the aggregated Contao JavaScript and CSS files.
##
#AddEncoding gzip .gz
#<FilesMatch "\.js\.gz$">
# AddType "application/javascript" .gz
#</FilesMatch>
#<FilesMatch "\.css\.gz$">
# AddType "text/css" .gz
#</FilesMatch>
#RewriteCond %{HTTP:Accept-encoding} gzip
#RewriteCond %{REQUEST_FILENAME} \.(js|css)$
#RewriteCond %{REQUEST_FILENAME}.gz -f
#RewriteRule ^(.*)$ $1.gz [QSA,L]
# Redirect to URI without front controller to prevent duplicate content
# (with and without `/app.php`). Only do this redirect on the initial
# rewrite by Apache and not on subsequent cycles. Otherwise we would get an
# endless redirect loop (request -> rewrite to front controller ->
# redirect -> request -> ...).
# So in case you get a "too many redirects" error or you always get redirected
# to the start page because your Apache does not expose the REDIRECT_STATUS
# environment variable, you have 2 choices:
# - disable this feature by commenting the following 2 lines or
# - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
# following RewriteCond (best solution)
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
# If the requested filename exists, simply serve it.
# We only want to let Apache serve files and not directories.
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ - [L]
# Rewrite all other queries to the front controller.
RewriteRule ^ %{ENV:BASE}/app.php [L]
</IfModule>
<IfModule !mod_rewrite.c>
<IfModule mod_alias.c>
# When mod_rewrite is not available, we instruct a temporary redirect of
# the start page to the front controller explicitly so that the website
# and the generated links can still be used.
RedirectMatch 302 ^/$ /app.php/
# RedirectTemp cannot be used instead
</IfModule>
</IfModule>