Shopify Efficient Cache Policy: Fix the PageSpeed Warning (2026)

Quick Fix with Thunder

What the Cache Policy Audit Actually Measures

For each static asset on the page — CSS, JavaScript, images, fonts — Lighthouse looks at the Cache-Control response header. If the max-age is short, or there is no caching directive at all, the asset gets flagged. Google's guidance is to cache immutable static assets aggressively, typically with Cache-Control: max-age=31536000 (one year). Newer Performance Insights raise the bar so any cacheable subresource under 30 days is treated as a miss.

The benefit is not first-visit speed — it is repeat-visit speed. When the browser already has a valid copy in its HTTP cache, it skips the network entirely. Short max-age values force the browser to revalidate or re-download every time, which hurts returning customers and bots.

For the official explanation, see Chrome's "Serve static assets with an efficient cache policy" documentation. The audit is a diagnostic, not a Core Web Vitals metric, so it does not directly affect your field LCP, INP, or CLS scores.

What Shopify Already Handles for You

You cannot edit Cache-Control on these. You also do not need to. If the Lighthouse panel lists nothing but cdn.shopify.com URLs, the warning is almost always cosmetic — Lighthouse sometimes flags Shopify assets when their max-age sits below the 30-day Performance Insights threshold, even though the assets are content-hashed and effectively immutable.

What Actually Triggers the Warning on Shopify

Open the diagnostic in PageSpeed Insights and look at the domains. The flagged URLs almost always come from third parties — Klaviyo, Meta Pixel, Google Tag Manager, Google Analytics, TikTok, Hotjar, Klarna, Shop Pay tracking, chat widgets, review tools, recommendation engines, A/B test platforms. These vendors set their own Cache-Control headers, and many of them deliberately use short max-age values so they can push updates fast.

That means the practical fix is not "rewrite the headers" — it is "load fewer of these scripts in the first place, and only when they are needed." Every script you cut or defer is one fewer flagged URL in the audit and one less repeat-visit network request.

If the diagnostic also lights up payload, blocking, or chain warnings, work on them in parallel using the enormous network payloads guide, the Total Blocking Time guide, and the critical request chains guide.

Step 1: Sort the Diagnostic by Domain, Not Filename

Open the "Serve static assets with an efficient cache policy" panel in Lighthouse and group the URLs mentally by host. Anything on cdn.shopify.com or your store domain is Shopify-managed. Anything on a third-party domain is a candidate for cleanup or deferral. The handful of flagged Shopify URLs are not where to spend your morning.

For each third-party domain, ask three questions: do we need this on every page, do we need it before first interaction, and is there a lighter alternative. Most stores can drop or defer 30-60% of their third-party load just by answering honestly. For the audit pattern, see the speed test results guide.

Step 2: Cut and Defer Third-Party Apps

The biggest single source of flagged URLs is usually app embeds. Walk through Online Store → Themes → Customize → App embeds and disable anything that is not actively earning. Then audit theme app extensions and uninstall apps you no longer need. Removing an app removes every URL that came with it.

For apps you keep, conditionally load their scripts. A wishlist app does not need to run on the homepage; a review widget does not need to initialize on the cart page. Wrap snippets in template checks so they only load where they actually do work.

{%- if template contains 'product' -%}
  <script src="{{ 'reviews.js' | asset_url }}" defer></script>
{%- endif -%}

For deeper app and embed cleanup, see the apps that slow down your store roundup and the unused CSS and JavaScript guide.

Step 3: Tame Tracking and Tag Managers

Marketing tags are a common Cache-Control offender because vendors intentionally serve them with short lifetimes. You usually cannot change that. What you can do is reduce how many tags fire, when they fire, and on which pages. Consolidate overlapping tracking, remove pixels no one is using, and load non-essential tags after interaction.

Customer Events in the Shopify admin is a cleaner home for many pixels than the theme. Move tags there where possible — it keeps them out of the LCP path. For the wider tracking conversation, see the third-party scripts guide and the best heatmap tools roundup.

Step 4: Ignore Generic Cloudflare Advice on Shopify

A lot of "efficient cache policy" tutorials are written for self-hosted sites and tell you to add Cloudflare, edit nginx, ship a .htaccess, or change a CDN config. None of that applies on Shopify. You cannot put a custom reverse proxy in front of the storefront without breaking checkout, the admin, and Shopify's own CDN behavior.

Specifically avoid: adding Cloudflare's orange cloud in front of cdn.shopify.com, attempting to override headers in JavaScript, and "service worker caching" hacks that intercept Shopify assets. These usually create more bugs than they fix and can violate Shopify's terms.

Shopify Community threads about this warning frequently end with merchants chasing headers they cannot control. Save the time. Focus on what is yours to fix: which third-party assets load, when they load, and whether they need to load at all.

Step 5: When Shopify CDN URLs Are All That's Left

If after step 4 the only flagged URLs are cdn.shopify.com assets, the practical answer is: leave it. Those files are content-hashed, served from Shopify's global CDN, and effectively immutable for the version they belong to. Lighthouse may flag them anyway because the max-age does not meet the 30-day Performance Insights threshold, but the real-world cache hit rate on repeat visits is high.

This is one of those warnings that does not always translate to a real user problem. Focus on warnings that move LCP, INP, and CLS instead — those are the metrics Google ranks on. The pillar complete Shopify speed optimization guide has the priority order.

For a hands-on review of your specific store, see our Shopify speed optimization service or check Thunder pricing.

Manual Fix vs Thunder Fix

Retest Once, Stop Chasing PageSpeed Noise

After cutting and deferring third-party assets, rerun PageSpeed two or three times and compare the median. Watch the diagnostic shrink to a smaller list, then stop. Chasing every last Shopify CDN URL is a losing game and pulls time away from Core Web Vitals work that actually moves rankings.

For broader supporting work, see properly size images, the non-composited animations guide, and the Core Web Vitals guide for Shopify. For Thunder's automated work, see Thunder's features.

References and Validation

Chrome's efficient cache policy documentation recommends caching immutable static assets with long max-age values and notes the 30-day threshold used by newer Performance Insights. Shopify's storefront performance guidance confirms theme assets are served from a global CDN with content-hashed URLs that handle invalidation safely.

Shopify Community threads about this warning often end the same way: merchants discover most of the flagged URLs are not theirs to edit. The realistic playbook is the one above — cut apps, defer scripts, ignore advice that does not apply on Shopify, and spend the saved time on metrics that actually move rankings.