Let’s make XenForo great: make thread pages cacheable

Stockwalker

Active member
I’m an avid user of xF however I’m disappointed to see that caching is not supported at all. It would actually give quite a big performance boost to statically render pages behind forum/ and threads/. Yes, there is a reason that this is not supported, and not all setups might accommodate this, but as a CloudFlare user this could be easily toggled on.

Cached pages can always be busted whenever there is a new post. So that’s not an excuse to not have this, neither the fact that “dynamic content” needs to be generated first. Come on, it’s 2022.

So my question is, why is this feature not supported out of the box? Are there any plans to do this ? Fact is that statically pre rendered pages are all the rage nowadays and xF could benefit a lot from having this feature.
 
Upvote 12
If you're busting the cache whenever you have a new post, on a busy forum this is... kinda making caching worthless? If anything it's actually making the problem worse by spending time caching that you're only going to drop shortly afterwards.

On a not so busy forum, it actually has a different effect: people think it's even quieter because they don't see changes update immediately because of caching.
 
Well... not at all? Since you clearly don't know software or caching strategies at least so let me explain: it would significantly improve load times, not only because it would be hosted on a worldwide CDN (imagine the benefits for a site with visitors globally) but the server wouldn't need to regenerate every page on each visit, saving server bandwidth as well.. No network traffic, and no SQL calls... You are busting the cache on a per page basis. It's not like a thread gets a new comment and the WHOLE ENTIRE SITE cache is busted for that one thread. Ever heard of the revalidate strategy?

If that wasn't enough, CloudFlare offers a 1 second max TTL... meaning it revalidates previous and current states on each fetch, and if there is a newer version of the page then it will regen the cache for the page.

So again, this is 2022 and XenForo is supposed to be a modern framework so it should start acting like one and allow this - why does it not?
 
Most likely because Xenforo's only job is to produce the page source code.

Distribution, and caching is up to the other specialized software in your stack.
 
Actually, it's 2023.
The Future Vintage GIF
 
Fact is that statically pre rendered pages are all the rage nowadays and xF could benefit a lot from having this feature.
Er what? According to who? Are you from the past? I literally developed software that turned info from a database into static pages back in the 1990s (it was called Data Wizard). I can dig up a copy and send it to you if you'd like, but you would need Windows 95 to run it.

Pretty sure "all the rage" these days are websites that are dynamic.
 
If you're busting the cache whenever you have a new post, on a busy forum this is... kinda making caching worthless? If anything it's actually making the problem worse by spending time caching that you're only going to drop shortly afterwards.
Not really no. On a forum with millions of threads, if you have, say, 100k "actively viewed" (say >1 time per hour) threads and 1k "actively posted to" (same timeframe), it might very much be worth cache-busting the 1k being written to and benefitting from the 99k read-only ones being cached entirely, and never requiring a request to hit XF.

Sure, it comes with some resource expense in terms of RAM to dedicate to it, but gzipped HTML is very light, and you can get really far in terms of caches even on extremely dynamic sites with a very very long active content tail.

Plenty of ways to cache.......

Good info here
Not really addressing the point the OP is making, which is to statically cache them. XF's csrf and session cookie apply to guests too, so caching statically at the edge is currently near impossible without complex logic to ensure the end-user picks up these cookies (which must pass through the cache).

Only data (and subdirectories) and first guest fetches can really be safely cached atm, which is a bit unfortunate in any context where the vast majority of users are expected to be guests (so most non-invite-only forums).
 
XenForo has supported Guest page caching for a few versions already: https://xenforo.com/docs/xf2/cache/#guest-page-caching

Caching for logged in users is infinitely more problematic because of the permissions issues that come along with it.
It supports LOCAL caching. We're all talking about REMOTE caching of those pages. ie in Cloudflare and other caches not colocated or managed by Xenforo itself.

Also yes there's not gonna be a practical way (or reason) to cache logged in user pages.
 
Er what? According to who? Are you from the past? I literally developed software that turned info from a database into static pages back in the 1990s (it was called Data Wizard). I can dig up a copy and send it to you if you'd like, but you would need Windows 95 to run it.

Pretty sure "all the rage" these days are websites that are dynamic.
Er... according to me? Are you from the future? Pretty sure you are a country bumpkin, who works at the local web design shop, you clearly don’t know anything about modern web apps (whatever “dynamic” means). But maybe you should enlighten us why “dynamic” “websites” are all the rage these days so you can be proved wrong?
 
Er... according to me? Are you from the future? Pretty sure you are a country bumpkin, who works at the local web design shop, you clearly don’t know anything about modern web apps (whatever “dynamic” means).
It sounds like you are basing your view of the world/facts on incorrect assumptions to me. 😉

But maybe you should enlighten us why “dynamic” “websites” are all the rage these days so you can be proved wrong?
Dynamic websites allow you to do most everything you do on the web. They allow you to use Google to find content for example. Going back to the days where searching the web was scrolling through static pages of website directories does not sound appealing.

As far as XenForo goes, it’s about as efficient as it can be without going down a road of compromising user’s experience. If your web server is being overloaded, it’s not because thread pages aren’t cached. A run of the mill web server can do ~50M uncached thread views per day. If you are approaching that number, it probably makes more sense to get a second web server than it does to make the website (even slightly) out of date for guests. However if you really wanted to do that, you can already do it with no backend changes or infrastructure requirements with Cloudflare (and you don't need to worry about the cost or resources involved with running a backend cache system).
 
Last edited:
Er... according to me? Are you from the future? Pretty sure you are a country bumpkin, who works at the local web design shop, you clearly don’t know anything about modern web apps (whatever “dynamic” means). But maybe you should enlighten us why “dynamic” “websites” are all the rage these days so you can be proved wrong?
Er... I mean if you don't know what a dynamic web page is then I don't think you'll be doing any proving wrong here.
 
Comes to make a suggestion... becomes rude when people discuss said suggestion.


Interesting methodology!
 
Pfft, what do you know anyway :LOL:
I know that the top paying web design firm in the world couldn't afford me. A "country pumpkin local web design shop" would need to sell their souls and multiple generations of their families to get me to do web design (actually probably not even then).
 
While I am in favor of this suggestion, I obviously don't support at all how OP randomly acted so rudely. With that out of the way...

As far as XenForo goes, it’s about as efficient as it can be without going down a road of compromising user’s experience. If your web server is being overloaded, it’s not because thread pages aren’t cached. A run of the mill web server can do ~50M uncached thread views per day. If you are approaching that number, it probably makes more sense to get a second web server than it does to make the website (even slightly) out of date for guests. However if you really wanted to do that, you can already do it with no backend changes or infrastructure requirements with Cloudflare (and you don't need to worry about the cost or resources involved with running a backend cache system).
Maybe I'm misunderstanding this, but I still don't see how it addresses the original suggestion's underlying benefits...

1. The problems aren't just about overloading the server(s) CPU wise, but also about real user response speed due to network constraints

Even if Xenforo was infinitely fast and replied infinitely fast for a cached guest page. If your server is distant geographically from the user then they pay at least the request roundtrip latency. This can regularly be in the 2XXms range. In practice XF might take anywhere within the 100ms range (still honorable, not blaming XF at all here, it can't bypass physics), meaning up to 300ms response times on the user-side. And that's a kind estimate. The longer the network path, the more chances of some random hiccup on the way.

If you do cache pages at the edge, you can instead have real user performance in the <50ms range very consistently (for popular threads at least). This is entirely impossible to compete with in a model where you always hit the origin.

2. Even that aside, and when running multiple servers, there is still a CPU cost for Xenforo to process the cached requests

Yes it quickly goes to Redis (or whatever one uses), but that isn't "free" even on cache hit. It might not be much, but it's still entirely unneeded networking and compute being used here. At least in the case where slightly stale guest pages is an acceptable tradeoff for the platform operator.

3. But all this aside, if we were able to force it, then it's just not recommended and there's no need for this suggestion. Except that's not quite true.

However if you really wanted to do that, you can already do it with no backend changes or infrastructure requirements with Cloudflare (and you don't need to worry about the cost or resources involved with running a backend cache system).
As far as I know anyway, and please do tell me if I missed something, this isn't true because XF tries and assumes it succeeded in setting the xf_* cookies even for guests. And specifically, the xf_csrf one.

Since it assumes that guests have those set by the time they try to start things like the login flow (which you would make uncached ofc), this triggers errors like "you need to allow coookies..." etc.

So if you do force it to fully cache outside, you will have guests actively encountering errors when trying to perform other actions.

There are a few solutions to that:
  • support pushing CSRF cookies on-demand, ie when the user is about to do something that will actually need one -- for example, retried form submissions if no CSRF cookie was found: submission goes through if CSRF cookie present, otherwise requests re-submission while setting the CSRF cookie
  • support replacing CSRF cookies with some alternative stateless mechanism
  • support disabling them with the operator in charge of figuring out a secure way to operate after (I would not support that much since we all know what happens when you expect everyone to do due diligence wrt security)
 
You could work out the CSRF issue by whitelisting a couple URLs (for example when you go to log-in, there's an HTTP request to start that login flow (to /login to get the login form). If someone were to do guest-caching of pages, they could just choose to not cache /login so when they initially get the login form, a valid/current CSRF token is part of that payload.

If the goal is to make the site faster for the user, you are much better off doing it with Cloudflare than at the application level because then you have the static guest pages cached locally in Cloudflare's nearly 290 data centers around the world. If the guest user is in Singapore (for example), they only need to make a network trip to the Singapore data center... they don't need to backhaul all the way to wherever the physical server is.

It's definitely doable with Cloudflare (and that also puts the cached pages physically closer to users to make it really fast). Like I said, would have to do a couple minor tweaks/URL exclusions with their cache mechanism, but it's nothing that couldn't be worked out very easily at the network level... cache pages that are GET requests, where the request doesn't have xf_user (a logged in user) and exclude a few exceptions like /login. In fact Cloudflare did a blog article a long time ago that shows how to make a fairly simple Page Rule to do it:

bypass-cache-cookie-wordpress.png



Again, there are a few minor things to sort out like the CSRF, but nothing difficult.
 
Back
Top Bottom