Can I fix Largest Contentful Paint only with nginx?

Rarely entirely. You can shorten TTFB with gzip or brotli, HTTP/2, and good caching, but LCP usually also needs image sizing, priority hints, and fewer render-blocking scripts in HTML.

Should APIs send Cache-Control: public?

Only for responses that are identical for every user and safe to store at shared caches. Authenticated JSON should use private or no-store unless you deeply understand your CDN semantics.

Why does gzip not show up in PageSpeed sometimes?

PSI may fetch via a path that bypasses your compression filter, or your origin only compresses above a size threshold. Verify with curl -H Accept-Encoding: gzip against the exact URL Lighthouse hits.

Web Performance — Server-Side Fixes That Actually Move the Score

PageSpeed Insights mixes lab signals with field data. Some audits you can fix with TLS, compression, and cache headers—the stuff your edge already owns. Others need bundle surgery. Knowing which is which saves you from rewrites that never show up in the score.

Config-first wins

Text compression – Enable Brotli or gzip for text/html, JSON, SVG, and JavaScript at sane quality levels. Missing Content-Encoding on large JS is an automatic LCP/TBT tax.
Immutable static assets – Fingerprint filenames (app.8f3c2.js) and serve with long max-age plus immutable; HTML stays short TTL so deployments propagate.
HTTP/2 or HTTP/3 – Multiplexing matters more than micro-optimizing sprite sheets now; terminate modern protocols at the CDN if your origin is stuck.
CDN caching rules – Stale content served globally beats a perfect origin that answers every request from Virginia.

Usually needs code or build changes

Render-blocking JavaScript at the top of <head>, unbounded client hydration, hero images without width/height, and third-party tag sprawl rarely disappear with nginx flags alone. Fix the HTML graph, then let caching amplify the win.

Cache-Control for static vs API

Versioned assets can be aggressive:

Cache-Control: public, max-age=31536000, immutable

HTML documents should revalidate often:

Cache-Control: no-cache

Authenticated JSON should assume shared caches exist even if you only use Cloudflare for statics—defaults bite when someone turns on tiered caching later:

Cache-Control: private, no-store

If responses vary by Accept-Encoding or Origin, echo Vary so intermediaries do not glue incompatible representations together.

Compression snippets

Nginx with gzip (baseline):

gzip on;
gzip_types text/plain text/css application/javascript application/json image/svg+xml;
gzip_min_length 256;

Apache with mod_brotli after enabling the module:

AddOutputFilterByType BROTLI_COMPRESS text/html text/css application/javascript

When to reach for EdgeFix

Mis-set Cache-Control on authenticated HTML is how session-specific pages end up on a CDN’s edge. Before chasing image bytes, prove your edge is not serving someone else’s dashboard—EdgeFix reads the live header set and calls out dangerous combinations.

Reading PSI variance

Lab scores swing with CPU throttling and network emulation; field data in Search Console reflects real users on medians. If the lab flags “Reduce unused JavaScript” while Core Web Vitals are green, prioritize field regressions first—server tuning will not delete dead bundles. Conversely, strong lab compression with weak TTFB usually points to origin distance or TLS handshakes, not front-end lazy loading.

WordPress and managed hosts

On WordPress, page caching plugins can emit their own Cache-Control and bypass PHP for HTML. That helps TTFB but can fight your API routes if rules are too broad. Put API subdomains on separate server blocks or route patterns so /wp-json/ does not inherit immutable rules meant for /wp-content/uploads/.

Measuring after deploy

After changing gzip or cache policy, wait for one TTL cycle before declaring victory—CDNs need time to repopulate. Compare median LCP in RUM before and after, not a single Lighthouse run logged in Slack.

SpeedFixer tie-in

SpeedFixer maps failing Lighthouse audits to stack-specific snippets so you are not guessing whether to touch Nginx gzip_types or Cloudflare Polish first. Feed it the same URL you test in production, then apply one change at a time—otherwise you will not know which lever moved First Contentful Paint.