Content compression
Cloudflare compresses content in two ways: between Cloudflare and your website visitors and between Cloudflare and your origin server.
In addition to Cloudflare's default caching behavior, Cloudflare supports Gzip, Brotli, and Zstandard compression when delivering content to website visitors.
flowchart LR accTitle: Compressed responses sent to website visitor accDescr: Cloudflare can send responses to visitors using Gzip compression, Brotli compression, or no compression. A[Visitor browser] B((Cloudflare)) C[(Origin server)] A == "Request" ==> B -.-> C C -.-> B == "Response<br>(Gzip / Brotli / Zstandard / No compression)" ==> A style A stroke-width: 2px style B stroke: orange,fill: orange,color: black style C stroke-dasharray: 5 5 linkStyle 0,3 stroke-width: 2px linkStyle 1,2 stroke-width: 1px
If supported by visitors' web browsers, Cloudflare will return Gzip, Brotli, or Zstandard-encoded responses for the following content types:
Cloudflare's global network can deliver content to website visitors using Gzip compression, Brotli compression, Zstandard compression, or no compression, depending on:
- The values visitors provide in the
accept-encoding
request header. - Your Cloudflare plan.
- Any configured compression rule that matches incoming requests.
For responses with error status codes, Cloudflare will only compress responses if their error status code is 403
or 404
. For successful response status codes, Cloudflare will only compress responses if their status code is 200
. Responses with other status codes will not be compressed.
You can override Cloudflare's default compression behavior using Compression Rules.
When Cloudflare compresses a response sent to the website visitor, it may omit the Content-Length
HTTP header to avoid delivering incorrect length information caused by dynamic transformations. To preserve the Content-Length
header set by the origin server, add cache-control: no-transform
to the origin server's response. This directive prevents Cloudflare from altering compression on responses, allowing the Content-Length
header to pass through as-is. The cache-control: no-transform
header must be set by the origin — it cannot be added in client requests.
When requesting content from your origin server, Cloudflare supports Brotli compression, Gzip compression, or no compression.
flowchart LR accTitle: Compressed responses sent from the origin server accDescr: Cloudflare accepts responses from origin server using Brotli compression, Gzip compression, or no compression. A[Visitor browser] B((Cloudflare)) C[(Origin server)] A -.-> B == "Request<br>Accept-Encoding: br, gzip" ==> C C == "Response<br>(Brotli / Gzip / No compression)" ==> B -.-> A style A stroke-dasharray: 5 5 style B stroke: orange,fill: orange,color: black style C stroke-width: 2px linkStyle 1,2 stroke-width: 2px linkStyle 0,3 stroke-width: 1px
If your origin server responds to a Cloudflare request using Brotli/Gzip compression, we will keep the same compression in the response sent to the website visitor if:
- You include a
content-encoding
header in your server response mentioning the compression being used (br
orgzip
). - The visitor browser (or client) supports the compression algorithm.
- You do not enable Cloudflare features that change the response content (refer to Notes about end-to-end compression for details).
Cloudflare's reverse proxy can also convert between compressed formats and uncompressed formats. Cloudflare can receive content from your origin server with Brotli or Gzip compression and serve it to visitors uncompressed (or vice versa), independently of caching.
If you do not want a particular response from your origin to be encoded with Brotli/Gzip when delivered to website visitors, you can disable this by including a cache-control: no-transform
HTTP header in the response from your origin web server.
Even when using the same compression algorithm end to end (between your origin server and Cloudflare, and between the Cloudflare global network and your website visitor), Cloudflare will need to decompress the response and compress it again if you enable any of the following settings for the request:
- Automatic HTTPS Rewrites
- Cloudflare Fonts
- Email Address Obfuscation
- Mirage
- Polish
- Rocket Loader
- JavaScript detections
- RUM
To disable these settings for specific URI paths, create a configuration rule.
Cloudflare may remove the Content-Length
HTTP header of responses delivered to website visitors. To ensure that the header is preserved, add a cache-control: no-transform
HTTP header to the response at the origin server.
By default, Cloudflare uses the following compression methods for content delivery, depending on the zone plan. However, the actual compression applied may also depend on what the visitor's browser requests via the accept-encoding
header.
- Free Plan: Content is compressed by default using Zstandard.
- Pro and Business Plans: Content is compressed by default using Brotli.
- Enterprise Plan: Content is compressed by default using Gzip.
On all plans, Cloudflare requests content from the origin server using the accept-encoding: br, gzip
header. This means that Cloudflare asks the origin to send the content compressed using Brotli or Gzip, depending on which method the origin server supports.