background image
Silvan Bolt
PrivacySustainabilityHelp

Privacy

Planet. Privacy. Everything else.

We don't collect or store personal data from you, or your users. Silvan Bolt only caches public and unauthenticated pages. In all other cases, we log a minimal set of technical details.

Each request flowing through Silvan Bolt falls into one of the following modes:

  • request:blocked
  • request:bypassed
  • cache:missed
  • cache:hit
  • cache:cancelled

We'll go trough every mode, detailing when each mode kicks in, what we do with headers, what we do and don't cache and log.

request:blocked

The request is not meant to be handled at all. This is useful against hack-like crawlers (e.g. /admin/, *.php, .env). The request is killed as early as possible.

A request enters this mode if:

  • The path matches a rule in the blocked configuration.

Response headers sent to client:

  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: request:blocked

Logged values:

  • Timestamp
  • Host, method, path, and query
  • Mode

request:bypassed

The request is handled entirely by the origin server. It is proxied as early and transparently as possible. These requests will never be cached.

A request enters this mode if:

  • The HTTP method is anything other than GET, or
  • The path matches a rule in the bypass configuration.

Request headers sent to origin:

  • All headers from the original request.
  • X-Forwarded-Host: the host of the client.
  • X-Forwarded-Proto: the scheme of the client.
  • X-Forwarded-For: chain of client IPs.
  • X-Real-IP: the original client IP.
  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: request:bypassed

Response headers sent to client:

  • All headers from the origin server.
  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: request:bypassed

Logged values:

  • Timestamp
  • Host, method, path, and query
  • Response time
  • Content length
  • Mode

cache:missed

The request is cacheable, but not cached yet. It is forwarded to the origin server, and the response is cached and returned to the client.

A request enters this mode if:

  • The HTTP method is GET, and
  • The path does not match a rule in the blocked or bypass configuration, and
  • The request is not cached yet.

Request headers sent to origin:

  • No headers from the original request (to guarantee identical cached responses for all users).
  • X-Forwarded-Host: the host of the client.
  • X-Forwarded-Proto: the scheme of the client.
  • X-Forwarded-For: chain of client IPs.
  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: cache:missed

Response headers sent to client:

  • No headers from the origin server, except for a safe subset also returned on cache hits:
    • Content-Type
    • Content-Length
  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: cache:missed

Logged values:

  • Timestamp
  • Host, method, path, and query
  • Response time
  • Content length
  • Mode

cache:hit

The request is served from cache. The origin server is not contacted, and the cached response is returned directly. For performance and the environment, you'd want these request as much as possible.

A request enters this mode if:

  • The HTTP method is GET, and
  • The path does not match a rule in the blocked or bypass configuration, and
  • The request is already cached.

Response headers sent to client:

  • The same safe headers as in a cache miss:
    • Content-Type
    • Content-Length
  • Via: 2 Silvan Bolt
  • X-Silvan-Bolt-Mode: cache:hit

Logged values:

  • Timestamp
  • Host, method, path, and query
  • Response time
  • Content length
  • Mode

cache:cancelled

The request was initially treated as cache:missed and forwarded to the origin server. However, the origin’s response was non-cacheable. This is inefficient and should be revised to either request:bypassed or the response should be made cacheable, depending on intent.

A request enters this mode if:

  • The HTTP method is GET, and
  • The path does not match a rule in the blocked or bypass configuration, and
  • The request is not cached yet, and
  • The response from the origin server contained a Cache-Control: no-cache|no-store|must-revalidate header.

Request headers sent to origin:

  • Identical to cache:missed

Response headers sent to client:

  • Identical to cache:missed, except:
  • X-Silvan-Bolt-Mode: cache:cancelled

Logged values:

  • Timestamp
  • Host, method, path, and query
  • Response time
  • Content length
  • Mode