FREE THOUGHT · FREE SOFTWARE · FREE WORLD

Home  »  Htaccess  »  Speed Tips: Turn Off ETags

by 20 comments

ETags OffBy removing the ETag header, you disable caches and browsers from being able to validate files, so they are forced to rely on your Cache-Control and Expires header. Basically you can remove If-Modified-Since and If-None-Match requests and their 304 Not Modified Responses.

Entity tags (ETags) are a mechanism to check for a newer version of a cached file.

Easy Apache Speed Tips Articles

Please don't turn off ETags and Last-Modified headers for your .html files, leave one of them ON. (I use Last-Modified for .html).


Turn ETags Off

This goes in your root .htaccess file but if you have access to httpd.conf that is better.

This code uses the FileETag and the Header directive to remove all ETags from being sent.

Header unset ETag
FileETag None

Example ETag Request and Response

Notice that the ETag performs the same service that Last-Modified header performs.

Response for /i/yahoo.gif

HTTP/1.1 200 OK
Last-Modified: Tue, 12 Dec 2006 03:03:59 GMT
ETag: "10c24bc-4ab-457e1c1f"
Content-Length: 12195

Later, if the browser has to validate a component, it uses the If-None-Match header to pass the ETag back to the origin server. If the ETags match, a 304 status code is returned reducing the response by 12195 bytes for this example.

GET /i/yahoo.gif HTTP/1.1
Host: us.yimg.com
If-Modified-Since: Tue, 12 Dec 2006 03:03:59 GMT
If-None-Match: "10c24bc-4ab-457e1c1f"
HTTP/1.1 304 Not Modified

With ETags

ETags OnThe problem with ETags is that they typically are constructed using attributes that make them unique to a specific server hosting a site. ETags won't match when a browser gets the original component from one server and later tries to validate that component on a different server, a situation that is all too common on Web sites that use a cluster of servers to handle requests. By default, both Apache and IIS embed data in the ETag that dramatically reduces the odds of the validity test succeeding on web sites with multiple servers.

Without ETags

ETags Off

Tags

September 10th, 2007

Comments Welcome

  • Steven Jomiel

    Note that this page provides the opposite advice that Yahoo developers are giving in the new book http://www.oreilly.com/catalog/9780596529307/ by Steve Souder, modulo the problem with etags including inode information when using multiple web servers.

  • http://www.askapache.com/ AskApache

    @ Steven

    The Yahoo Developer Best-Practices Exceptional Performance Group are the creators of the yslow extension for firebug that recommends removing them.

    But you can't just remove them or keep them because some blogger or new book says too. You have to do your own research and understand for yourself what the best-practice is.

    Etags exists only as an alternative to checking the Last-Modified header as a method of validating the freshness of a file to determine whether it should be re-requested and emptied from the cache, or whether it should stay in the cache.

    Even though all proxies are supposed to be following a defined set of standards for handling these types of data, not all do. But one thing is true, if you make sure that you provide at least one valid way for the proxy/client to determine how long the file should be cached, everything else is redundant and was created as an alternative not as a way to clog up the net with unneccessary HTTP headers

    .

  • Matt

    How do you turn off etags just for static files like images?

  • bdigit

    Actually if you are using multiple apache servers you should just modify how the ETag is generated rather than turn them off. The defaullt is inode-lastmodified-size IIRC. Just remove the inode part and then your etags will match across the servers.

  • Rex

    Can anyone clairfy this from above
    Please don’t turn off ETags and Last-Modified headers for your .html files, leave one of them ON. (I use Last-Modified for .html).

    askapache says to turn etags off, how do you leave then on for .html files?

    Thanks

  • Yvar

    Ok, I read all articles regarding this subject, but the cache-ing confuses me. As I understand it, there are several ways to configure the cache? (header set cache-control and expirebytype??)

    If I do the following, would that be all right, and what happens when I change a css or js file with this configuration?

    Header unset ETag
    FileETag None
    Header unset Last-Modified
    Header set Cache-Control "public, no-transform"
    Header set Cache-Control "public, must-revalidate"
    ExpiresActive On
    ExpiresDefault "access plus 1 days"
    ExpiresByType text/html "access plus 5 minutes"
    ExpiresByType image/gif "access plus 1 years"
    ExpiresByType image/jpeg "access plus 1 years"
    ExpiresByType image/png "access plus 1 years"
    ExpiresByType text/css "access plus 1 years"
    ExpiresByType text/javascript "access plus 1 years"
    ExpiresByType application/x-javascript "access plus 1 years"

    Thank you.

  • Dr. Kenneth Noisewater

    Including the inode in a load-balanced group of webservers will likely guarantee too much uniqueness in generated ETags, but how about just filesize and timestamp?

    FileETag MTime Size

    should do the trick I'd think? Or possibly leave off the Size attribute?

    Too bad ETag isn't a proper hash value on the file contents (at least as an option)..

  • http://kentrichards.net/services/ Kent Richards

    I tried many combinations from the various articles on askapache and on Google's help pages, but the browser wasn't caching.

    Finally, I removed FileETag None, and it cached as expected.

    If you're having problems and have the distributed content concern mentioned in this article, try FileETag Size, or FileETag MTime with attention to preserving modification times on files when mirroring.

    Docs: http://httpd.apache.org/docs/2.2/mod/core.html#fileetag

  • http://ddhost.pl/ My name is what?

    Great! But just only one thing... The result will be dramatic under Internet Explorer.
    IE 7 seems to handle in diffrent way images and html documents (mime types in short)
    It seems to need ETAG in order to cache images..
    Please, forget about this article and leave your ETAG switched on,
    or finally you will end with overloaded and transfer-exhausted Web Server.

    Take care!

  • Stephan

    find it bad for performance... jumped from 5 to 7-10 sec

  • mark Bateman

    hi folks,

    I have a client with an apache server that is not returning last-modified but we a re not finding any setting's that unset that header in either the config files or .htaccess files (we have none of those in fact) where else could this be being overridden or is it missing because they are returning a mime type of text/hmtl..

    thanks..

  • http://timboudreau.com Tim Boudreau

    I fear people are going to read this and take this as good advice; it is terrible advice *unless* you are using a web server that implements generating ETag headers in a sloppy way. If you are using a web application or a web server that implements the ETag as a hash of the bytes that would be sent, then it is a very effective way for a web server to describe how a resource should be cached in a way that is not date-dependent.

    The lesson here is *not* that eliminating ETag headers is a magic recipe that will make your website faster - in most cases it will do the exact opposite. The lesson is, don't use a webserver that implements ETag headers in a naive and fragile way.

    • James

      How do you properly configure ETags on servers across a load balancer?

      • http://www.askapache.com/ AskApache

        Depends on the kind of load balancer.. Usually you can just change the FileETag to generate the ETags based on something the various nodes in the load-balancer will have that matches up...

        So using:

        FileETag Size

        Would avoid different ETags being sent by different nodes.

  • James

    How do you properly configure ETags on servers across a load balancer?

    • http://www.askapache.com/ AskApache

      Depends on the kind of load balancer.. Usually you can just change the FileETag to generate the ETags based on something the various nodes in the load-balancer will have that matches up...

      So using:

      FileETag Size

      Would avoid different ETags being sent by different nodes.

  • quicksketch

    I agree with Tim Boudreau's comment. This blog post gives bad advice. ETags are *good* for caching. The *only* problem with them is if they haven't been configured correctly. The author does correctly identify the one serious weakness of ETags: "By default, both Apache and IIS embed data in the ETag that dramatically reduces the odds of the validity test succeeding on web sites with multiple servers." This is true. However that means A) ETags aren't going to cause a problem for you unless you use multiple web servers and B) You can easily fix this problem by configuring your web server correctly.

    In Apache's httpd.conf file, change the default value of FileETag directive:

    FileETag INode MTime Size

    Change it to this:

    FileETag MTime Size

    By removing INode from the hash used to generate ETags, you've solve the multiple server problem. Because this is a common misconfiguration, Apache saw fit to change this to the new default in Apache 2.4 and higher. You only need to make this change if you're running Apache 2.2 or older. See the docs at http://httpd.apache.org/docs/current/mod/core.html#fileetag

    • WineClubReviews

      Thank you for contribution here, quicksketch. I am running an image-intensive Wordpress site with ridiculously slow load times, so I have been following all of the advice from GTMetrix, including turning off ETags if you're running your site across more than one server. Instead I did what you suggested with just turning off the INode bit in Apache (a two-second fix), and it dropped my HTML download time from 5ish seconds to .28 seconds across the site. FABULOUS.

  • http://yasirimran.blogspot.com/ Yasir Imran

    great tip, it worked for me and increased YSlow ranking a bit.

  • Pingback: How to Maximize Performance on a Linux Server? | Site24x7 Blogs

Popular Articles
My Online Tools

Related Articles
Newest Posts
Twitter


  • @askapache · Jul 21
    Magic spells for sending thoughts across time? Books
  • @askapache · Jul 20
    TV is just a relic of the previous generation. We just don't know it yet.
  • @askapache · Jul 20
    I will never go back on my ideals, no matter the cost. I'll never let the economic vultures steal my dreams. I'd rather give up the ghost
  • @askapache · Jul 18
    I don't want a better seat, I want control of the engine
  • @askapache · Jul 14
    No matter how good u r, there will always be someone 2x, 5x, 100x better. This is true for me and everyone. No direction but forward.
  • @askapache · Jul 12
    Heads up, I'll DDoS the f out of askapache next week, to see how resilient it really is :) - will try to overflow disk, net, and ip stack
  • RUN GCC! This is a typical shirt I wear, from the  t.co/46LYbFr4k2  shop. A clerk at the LQ recognized it!  t.co/jjmT0dkCPu 
  • Merlin the Magician  t.co/iMmRbanUi4 
  • ROGUE CODE - Latest novel from @markrussinovich  t.co/apkn0LoPIt 
  • RTFM - surprisingly very helpful and way more comprehensive than it looks! @redteamfieldman #pwnAllTheThings  t.co/xiaJ5g0aC9 
  • Dear Hacker - Letters to the Editor of 2600, from Emmanuel Goldstein  t.co/JCfLab7FAJ 
  • The Mythical Man-Month - Essays on Software Engineering, by Frederick P. Brooks, Jr.  t.co/ilWN5GHElr 
  • "where wizards stay up late" - The Origins of the Internet. Favorite book detailing the birth of the net and IMPs  t.co/gY9VTGJgZz 
  • ZERO DAY - read before Trojan horse  t.co/pPMLGDJv8P 
  • Trojan Horse, a novel!  t.co/Hf8EtYaZVa 
  • The Hacker Playbook - very nice high level overview of attacks  t.co/lHwNVWi61u 
  • Clean Code - A Handbook of Agile Software Craftsmanship  t.co/hnJX0x1qIc 
  • Secrets of the JavaScript Ninja - By my absolute favorite JS hacker John Resig!  t.co/tZ42ljmcCl 
  • Hacking Exposed 7: Network Security Secrets & SolutionsMy all time favorite, basic but thorough and accurate.  t.co/jycW0RDVtZ 
  • Empty words will be no surrogate for cold resolve. Pain is nothing.  t.co/qXjpRxbjCw 

Hacking and Hackers

The use of "hacker" to mean "security breaker" is a confusion on the part of the mass media. We hackers refuse to recognize that meaning, and continue using the word to mean someone who loves to program, someone who enjoys playful cleverness, or the combination of the two. See my article, On Hacking.
-- Richard M. Stallman






[hide]

It's very simple - you read the protocol and write the code. -Bill Joy

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 License, just credit with a link.
This site is not supported or endorsed by The Apache Software Foundation (ASF). All software and documentation produced by The ASF is licensed. "Apache" is a trademark of The ASF. NCSA HTTPd.
UNIX ® is a registered Trademark of The Open Group. POSIX ® is a registered Trademark of The IEEE.

| Google+ | askapache

Site Map | Contact Webmaster | License and Disclaimer | Terms of Service

↑ TOPMain