HTTP response headers added by VIP

A set of default HTTP response headers are added to every site that is hosted on the VIP Platform. These headers help VIP to monitor the platform and can be useful for troubleshooting the origin of a request.

x-cache response header

The x-cache HTTP response header provides information about the type of interaction that a response had with the page cache. Incoming requests to a site hosted on WordPress VIP are first encountered by the page cache on the platform’s global network of edge cache servers. Requests are handled by the server that is located closest to the user making a request. The page cache determines if the request can be served a cached response or if fresh content must be retrieved from the origin server.

The value of the x-cache HTTP response header indicates the type of interaction that the response had with the page cache (e.g., HIT, MISS, or BYPASS). Browser developer tools can be used to identify the x-cache HTTP response header for a specific request.

x-cache response	Response description
BYPASS	The cache was bypassed and the response is from the origin server.
EXPIRED	The cache has expired. Fresh content was fetched from the origin and served to the client.
HIT	The response is from the cache.
MISS	The requested content was not found in cache and the response is from the origin.
REVALIDATED	The cache revalidated content with if-modified-since or if-none-match and the origin responded with a 304 Not Modified HTTP status.
STALE	A stale cached response was served while the page cache fetches an updated response from the origin to serve to future requests.
UPDATING	The cache is still in the process of updating stale content with a response from origin.

x-hacker and x-powered-by response headers

x-hacker and x-powered-by are custom HTTP response headers that are added to every site hosted on the VIP Platform.

• x-powered-by: WordPress VIP <https://wpvip.com>
• x-hacker: If you’re reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.

The presence of the x-powered-by response header can be useful to confirm that requests made to a newly migrated site—or to a site with a newly configured reverse proxy—are successfully reaching and being handled by the VIP Platform.

Both of these headers can be optionally modified or removed.

x-rq response header

The value of the x-rq HTTP response header indicates the geographic location of the edge cache server that served the response. The first three letters in the x-rq value are an abbreviation of the city where the edge server is located. For example, the response header x-rq: sjc5 123 242 443 indicates that the response was served by the data center in San Jose (sjc), California in the United States.

HTTP headers passed only to an application’s origin

The value of an incoming HTTP header can be retrieved in application code.

For example, a WordPress application could use $_SERVER['HTTP_X_MOBILE_CLASS'] to retrieve the value of the x-mobile-class HTTP header for a request in PHP.

For Node.js applications, the x-mobile-class header directly using the method recommended by their preferred framework. In Express.js, for example, the header value is accessible with req.headers['x-mobile-class'].

Header	Description
x-asn	The x-asn header value identifies the network provider of organization from which the request was sent.
x-vip-ip	The true IP address of a user is masked if the request passes through a reverse proxy or Content Delivery Network (CDN). The value of the x-vip-ip HTTP header provides the most probable source IP address of the end user. To ensure the accuracy of the end user’s IP address, the value of the true-client-ip header is prioritized. If the true-client-ip header is unavailable, the leftmost IP address value of the x-forwarded-for header is selected instead. This value represents the most trustworthy client IP in a secure proxy chain, as it is added by the last trusted intermediary before reaching the server. The value of x-vip-ip for a request is logged in the HTTP request Log Shipping field http_x_vip_ip.
x-ip-proxy-type	The x-ip-proxy-type HTTP header provides a classification of the IP address type based on the IP2Proxy™ database, identifying anonymizing services (e.g. reverse proxy) or connection types associated with incoming requests.
x-ja3-hash	The x-ja3-hash header value is an SSL/TLS fingerprint of the client that is making a request. The value can be retrieved from the tls_ja3_hash field in an environment’s HTTP request Shipping Logs.
x-request-id	A unique ID value is assigned to every incoming request to the edge and stored in the x-request-id HTTP header. This value is recorded and retrievable in the HTTP Request Log Shipping request_id field for an environment.
x-mobile-class	HTTP request header is populated with 1 of 4 values that correspond to VIP’s classification of the request’s User-Agent (i.e. desktop, tablet, smart, dumb).