How to stop CloudFront showing old/cached content after modifying that content? – Apache

I work for a large job search website which uses Amazon / AWS CloudFront.

I am an advert designer and make custom adverts for some clients.

Let’s say I upload a header image called test.jpg and send a link to the client for approval. The client then asks for an amendment so I modify test.jpg and reupload it, overwriting the previous version (so, same file path).

I would expect CloudFront to notice that the file has been modified, and to serve the new version.

However, what actually happens is that the old version is displayed in my browser (Chrome), and in the client’s browser.

• If I hit reload it does not show the new version.
• If I hit HARD reload it does not show the new version.
• If I load Chrome Developer Tools, right-click reload and select Empty Cache and Hard Reload, it does not show the new version.

The only way to show the new version is to either open it in a private window, or use a completely different browser.

It does not seem to matter what browser is used initially. If I start off in Chrome, Firefox or Edge, I will keep seeing the old test.jpg until I either use a private window or switch to another browser.

Personally I can put up with this. However, clients simply don’t understand the instruction “Try it in a private window”. The result is dozens of complaints every week that I have not amended their ad. I am sending screenshots currently to show that I have.

What (Apache?) settings must I change to make CloudFront serve new versions of content when that content has been modified?

DATA 1 – Response headers for test.jpg (first upload)

Request URL: https://www.redacted.com/images/test.jpg
Request Method: GET
Status Code: 200 OK
Remote Address: 52.85.70.211:443
Referrer Policy: no-referrer-when-downgrade
Accept-Ranges: bytes
Cache-Control: max-age=3600, public
Connection: keep-alive
Content-Length: 128483
Content-Type: image/jpeg
Date: Tue, 26 Feb 2019 12:39:42 GMT
ETag: "1f5e3-582ba67eea3f0"
Last-Modified: Mon, 25 Feb 2019 16:26:42 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.0.28
Strict-Transport-Security: max-age=86400; includeSubDomains
Via: 1.1 f165ce34daf8c0da182681179e863c24.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ygg0SdiaCM0eGDvXXpbw8AGcGD5u0mMIrItTeh8jgfmvHrI4YgP_lQ==
X-Cache: Miss from cloudfront
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,en-GB;q=0.8
Cache-Control: max-age=0
Connection: keep-alive
Cookie: redacted
Host: www.redacted.com
If-Modified-Since: Mon, 25 Feb 2019 16:26:42 GMT
If-None-Match: "1f5e3-582ba67eea3f0"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

DATA 2 – Response headers for modified test.jpg (second upload)

Request URL: https://www.redacted.com/images/test.jpg
Request Method: GET
Status Code: 304 Not Modified
Remote Address: 52.85.70.192:443
Referrer Policy: no-referrer-when-downgrade
Age: 269
Cache-Control: max-age=3600, public
Connection: keep-alive
Date: Tue, 26 Feb 2019 12:44:11 GMT
ETag: "1f5e3-582ba67eea3f0"
Server: Apache/2.4.6 (CentOS) PHP/7.0.28
Strict-Transport-Security: max-age=86400; includeSubDomains
Via: 1.1 8d6ec6531e86b6b4aca269514f4dbbe1.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ITVX0Q5KEGtZTQj6qpZKX7CJYqfoEZF3ngujC1QFZ34vX9OI-1cubA==
X-Cache: Hit from cloudfront
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,en-GB;q=0.8
Cache-Control: max-age=0
Connection: keep-alive
Cookie: redacted
Host: www.redacted.com
If-Modified-Since: Mon, 25 Feb 2019 16:26:42 GMT
If-None-Match: "1f5e3-582ba67eea3f0"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36