cloudflare · tkornhammar · Mar 13, 2026
@@ -0,0 +1,35 @@
+---
+title: New cache proxy architecture
+description: Cloudflare's new Rust-based caching proxy is now live on all Free, Pro, and Business zones, and most Enterprise zones, bringing improved RFC compliance and lower latency.
+products:
+  - cache
+date: 2026-03-13
+---
+
+Cloudflare has built a new caching proxy that is faster, more reliable, and designed to future-proof our cache architecture. All Free, Pro, and Business zones are now fully migrated. Enterprise zones are in the process of migrating with 90+% fully migrated. This delivers immediate performance improvements and unlocks new caching capabilities that were previously not possible.
+
+## This brings
+
+* **Lower latency**: The new proxy is [Rust-based](https://github.com/cloudflare/pingora) and its architecture reduces per-request overhead enabling true asynchronous background work with safety guarantees.  
+* **Better RFC compliance**: Caching behavior now more closely follows HTTP caching standards.  
+* **Foundation for future features**: The new architecture enables upcoming improvements to cache functionality and efficiency.
+
+## New features
+
+* **Asynchronous stale-while-revalidate**: When the [`stale-while-revalidate`](https://file+.vscode-resource.vscode-cdn.net/cache/concepts/cache-control/#stale-while-revalidate) directive is present, every request now returns stale content immediately while revalidation happens in the background. Previously, the first request that triggered revalidation had to wait for the origin to respond before serving the stale asset.  
+* **Unbuffered bypass by default**: Responses that bypass cache are now streamed directly to the client without buffering, reducing time-to-first-byte for uncacheable content.
+
+## Behavioral changes
+
+The new architecture includes the following behavioral changes to improve RFC compliance and correctness:
+
+* **`Vary:*` now results in cache bypass**: Per [RFC 9110 Section 12.5.5](https://httpwg.org/specs/rfc9110.html#field.vary), a `Vary` header value of `*` indicates the response varies on factors beyond request headers and should not be served from cache. Responses with `Vary: *` now correctly bypasses cache instead of being stored.  
+* **Strip `Set-Cookies` on `MISS` and `EXPIRED`** for cacheable assets. Previously, the header was only stripped for cache `HIT` on those same assets.
+
+## Get started
+
+This migration is automatic and requires no action on your part. To learn more about how Cloudflare cache works, refer to the [cache documentation](https://developers.cloudflare.com/cache/).
+
+Read more about the new proxy in our blog:
+* [Open sourcing Pingora: our Rust framework for building programmable network services](https://blog.cloudflare.com/pingora-open-source/)  
+* [How we built Pingora, the proxy that connects Cloudflare to the Internet](https://blog.cloudflare.com/how-we-built-pingora-the-proxy-that-connects-cloudflare-to-the-internet/)