diff --git a/sites/platform/src/create-apps/app-reference/single-runtime-image.md b/sites/platform/src/create-apps/app-reference/single-runtime-image.md
index 7c8582e6f5..ad95cb0b10 100644
--- a/sites/platform/src/create-apps/app-reference/single-runtime-image.md
+++ b/sites/platform/src/create-apps/app-reference/single-runtime-image.md
@@ -632,7 +632,7 @@ The following table presents possible properties for each location:
| `root` | `string` | | The directory to serve static assets for this location relative to the [app's root directory](#root-directory). Must be an actual directory inside the root directory. |
| `passthru` | `boolean` or `string` | `false` | Whether to forward disallowed and missing resources from this location to the app. A string is a path with a leading `/` to the controller, such as `/index.php`.
If your app is in PHP, when setting `passthru` to `true`, you might want to set `scripts` to `false` for enhanced security. This prevents PHP scripts from being executed from the specified location. You might also want to set `allow` to `false` so that not only PHP scripts can't be executed, but their source code also can't be delivered. |
| `index` | Array of `string`s or `null` | | Files to consider when serving a request for a directory. When set, requires access to the files through the `allow` or `rules` keys. |
-| `expires` | `string` | `-1` | How long static assets are cached. The default means no caching. Setting it to a value enables the `Cache-Control` and `Expires` headers. Times can be suffixed with `ms` = milliseconds, `s` = seconds, `m` = minutes, `h` = hours, `d` = days, `w` = weeks, `M` = months/30d, or `y` = years/365d. |
+| `expires` | `string` | `-1` | How long static assets are cached. The default means no caching. Setting it to a value enables the `Cache-Control` and `Expires` headers. Times can be suffixed with `ms` = milliseconds, `s` = seconds, `m` = minutes, `h` = hours, `d` = days, `w` = weeks, `M` = months/30d, or `y` = years/365d. If a `Cache-Control` appears on the `headers` configuration, `expires`, if set, will be ignored. Thus, make sure to set the `Cache-Control`'s `max-age` value when specifying a the header. |
| `allow` | `boolean` | `true` | Whether to allow serving files which don't match a rule. |
| `scripts` | `boolean` | | Whether to allow scripts to run. Doesn't apply to paths specified in `passthru`. Meaningful only on PHP containers. |
| `headers` | A headers dictionary | | Any additional headers to apply to static assets, mapping header names to values. Responses from the app aren't affected. |
diff --git a/sites/platform/src/create-apps/web/static.md b/sites/platform/src/create-apps/web/static.md
index a422b75519..9dfb5b5426 100644
--- a/sites/platform/src/create-apps/web/static.md
+++ b/sites/platform/src/create-apps/web/static.md
@@ -83,6 +83,21 @@ web:
expires: 4w
```
+You can also set a `Cache-Control` header in your rules.
+```yaml {configFile="app"}
+web:
+ locations:
+ '/':
+ ...
+ expires: 24h
+ rules:
+ \.(css|js|gif|jpe?g|png|svg)$:
+ headers:
+ Cache-Control: "public, max-age=2419200, immutable"
+
+If `expires` and a `Cache-Control` header are set, the rule ignores the `expires` and sets only the `Cache-Control` header. For this reason, make sure
+to add a `max-age` value, in seconds, for the `Cache-Control` header.
+
### Conserve the server
Because your site is completely static, it doesn't need the server to be running.
diff --git a/sites/upsun/src/create-apps/app-reference/single-runtime-image.md b/sites/upsun/src/create-apps/app-reference/single-runtime-image.md
index 7bef4222d1..e00bc090e2 100644
--- a/sites/upsun/src/create-apps/app-reference/single-runtime-image.md
+++ b/sites/upsun/src/create-apps/app-reference/single-runtime-image.md
@@ -699,7 +699,7 @@ The following table presents possible properties for each location:
| `root` | `string` | | The directory to serve static assets for this location relative to the [app's root directory](#root-directory). Must be an actual directory inside the root directory. |
| `passthru` | `boolean` or `string` | `false` | Whether to forward disallowed and missing resources from this location to the app. A string is a path with a leading `/` to the controller, such as `/index.php`.
If your app is in PHP, when setting `passthru` to `true`, you might want to set `scripts` to `false` for enhanced security. This prevents PHP scripts from being executed from the specified location. You might also want to set `allow` to `false` so that not only PHP scripts can't be executed, but their source code also can't be delivered. |
| `index` | Array of `string`s or `null` | | Files to consider when serving a request for a directory. When set, requires access to the files through the `allow` or `rules` keys. |
-| `expires` | `string` | `-1` | How long static assets are cached. The default means no caching. Setting it to a value enables the `Cache-Control` and `Expires` headers. Times can be suffixed with `ms` = milliseconds, `s` = seconds, `m` = minutes, `h` = hours, `d` = days, `w` = weeks, `M` = months/30d, or `y` = years/365d. |
+| `expires` | `string` | `-1` | How long static assets are cached. The default means no caching. Setting it to a value enables the `Cache-Control` and `Expires` headers. Times can be suffixed with `ms` = milliseconds, `s` = seconds, `m` = minutes, `h` = hours, `d` = days, `w` = weeks, `M` = months/30d, or `y` = years/365d. If a `Cache-Control` appears on the `headers` configuration, `expires`, if set, will be ignored. Thus, make sure to set the `Cache-Control`'s `max-age` value when specifying a the header. |
| `allow` | `boolean` | `true` | Whether to allow serving files which don't match a rule. |
| `scripts` | `boolean` | | Whether to allow scripts to run. Doesn't apply to paths specified in `passthru`. Meaningful only on PHP containers. |
| `headers` | A headers dictionary | | Any additional headers to apply to static assets, mapping header names to values. Responses from the app aren't affected. |
diff --git a/sites/upsun/src/create-apps/web/static.md b/sites/upsun/src/create-apps/web/static.md
index 0515f171b8..8df10f5d1a 100644
--- a/sites/upsun/src/create-apps/web/static.md
+++ b/sites/upsun/src/create-apps/web/static.md
@@ -93,6 +93,21 @@ applications:
expires: 4w
```
+You can also set a `Cache-Control` header in your rules.
+```yaml {configFile="app"}
+web:
+ locations:
+ '/':
+ ...
+ expires: 24h
+ rules:
+ \.(css|js|gif|jpe?g|png|svg)$:
+ headers:
+ Cache-Control: "public, max-age=2419200, immutable"
+
+If `expires` and a `Cache-Control` header are set, the rule ignores the `expires` and sets only the `Cache-Control` header. For this reason, make sure
+to add a `max-age` value, in seconds, for the `Cache-Control` header.
+
### Conserve the server
Because your site is completely static, it doesn't need the server to be running.