diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex
index 9ef30e885..8cd7a2270 100644
--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -16,17 +16,32 @@ defmodule Pleroma.Web.Endpoint do
+  @static_cache_control "public, no-cache"
   # InstanceStatic needs to be before Plug.Static to be able to override shipped-static files
   # If you're adding new paths to `only:` you'll need to configure them in InstanceStatic as well
-  plug(Pleroma.Plugs.InstanceStatic, at: "/")
+  # Cache-control headers are duplicated in case we turn off etags in the future
+  plug(Pleroma.Plugs.InstanceStatic,
+    at: "/",
+    gzip: true,
+    cache_control_for_etags: @static_cache_control,
+    headers: %{
+      "cache-control" => @static_cache_control
+    }
+  )
     at: "/",
     from: :pleroma,
-      ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc)
+      ~w(index.html robots.txt static finmoji emoji packs sounds images instance sw.js sw-pleroma.js favicon.png schemas doc),
     # credo:disable-for-previous-line Credo.Check.Readability.MaxLineLength
+    gzip: true,
+    cache_control_for_etags: @static_cache_control,
+    headers: %{
+      "cache-control" => @static_cache_control
+    }
   plug(Plug.Static.IndexHtml, at: "/pleroma/admin/")
diff --git a/test/plugs/cache_control_test.exs b/test/plugs/cache_control_test.exs
new file mode 100644
index 000000000..45151b289
--- /dev/null
+++ b/test/plugs/cache_control_test.exs
@@ -0,0 +1,20 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2018 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+defmodule Pleroma.Web.CacheControlTest do
+  use Pleroma.Web.ConnCase
+  alias Plug.Conn
+  test "Verify Cache-Control header on static assets", %{conn: conn} do
+    conn = get(conn, "/index.html")
+    assert Conn.get_resp_header(conn, "cache-control") == ["public, no-cache"]
+  end
+  test "Verify Cache-Control header on the API", %{conn: conn} do
+    conn = get(conn, "/api/v1/instance")
+    assert Conn.get_resp_header(conn, "cache-control") == ["max-age=0, private, must-revalidate"]
+  end