1. Home
  2. Companies
  3. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 41% Domains (41%)
  • 25% Cloud Services (25%)
  • 16% Hosting (16%)
  • 13% Web Tools (13%)
  • 6% E-mail (6%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
Manchester Domains 9 days ago
Angers Cloud Services 20 days ago
London Domains 22 days ago
Noida Hosting 1 month ago
Jewar E-mail 1 month ago
Braga Web Tools 1 month ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • tyler_mayberry
    Tyler Mayberry (@tyler_mayberry) reported

    Agents like Codex really unlock things that I never would have done myself. I've been thinking about migrating all kinds of things to Cloudflare in the past, but it would take all day of just tedious admin work to take care of it. Today I just handed it over to Codex and it was all done in a couple of hours without me touching anything.

  • MrRyanChi
    Mr.RC|𝟎𝐱𝐔 (@MrRyanChi) reported

    @jonah_b Nevertheless stable coin does not went down like cloudflare ✋😭✋

  • the_real_ori
    orig (@the_real_ori) reported

    @sunglassesface @Cloudflare @PlanetScale Support is always the last unsolved piece, even at companies this good. Infra scales on its own, a Discord full of overworked humans does not. That gap (AI answers first, humans only on escalations) is the whole reason I am building in this space.

  • 0xSalazar
    🐍Salazar.eth 🦇🔊 (@0xSalazar) reported

    Breaking news from yesterday - Robinhood L2 Chain went live on mainnet, built on Arbitrum - Robinhood partnered with Lighter for perps - dYdX rebrands to Arcus, DEX on Robinhood Chain - Drift rebrands to Velocity - World, Solana prediction market app, went live - Ethereum Institutional launched as an independent non-profit to drive institutional Ethereum adoption, anchor-funded by BitMine, SharpLink, and Joseph Lubin. - Ethena partnered with Robinhood, becoming the primary collateral asset issuer for Robinhood’s first crypto earn product via a Steakhouse-curated vault. - Cloudflare opened the waitlist for its Monetization Gateway, letting developers charge for web/API/MCP access with stablecoin settlement via x402. - Circle CEO Jeremy Allaire criticized OUSD, saying consortium stablecoins have a poor track record and that USDC handled 80% of all dollar stablecoin transactions in Q1. - Visa, Stripe, Mastercard, BlackRock, Coinbase and 140+ other firms launched Open USD (OUSD), a stablecoin that shares reserve revenue with partners - Forward Industries grew its Solana treasury to 7.55m SOL (~$576M) - DeFiLlama launched a MiCA exchange dashboard to help EU users compare licensed trading platforms by fees, liquidity, and KYC. - Aave Chan Initiative wound down operations following a governance rift with Aave Labs. - Pumpfun deprecated its Tokenized Agent launch option for new coins after community backlash over PVP dynamics. - Christoph Jentzsch proposed to dissolve the ENS DAO by burning the ENSv2 Universal Router key and distributing remaining funds, arguing the protocol’s goals are already accomplished

  • AlloyPress
    AlloyPress (@AlloyPress) reported

    Hey @Cloudflare, several sites using Cloudflare's login verification are stuck in a verification loop, repeatedly asking users to reverify without letting them through. Looking forward to a quick update.

  • cj_enlighten
    Christopher Johnson (@cj_enlighten) reported

    Vanilla web search in an always-on agent gets blocked. Not a Hermes bug. A structural 2026 problem. Cloudflare and Akamai are aggressive enough now that any general-purpose agent hits the wall. You need Tavily or equivalent. Budget time for it.

  • CryptoPulseGLBL
    CryptoPulse (@CryptoPulseGLBL) reported

    🔔#Today's Headlines 1. #Bitcoin Breaks Through $61,000 2. Crédit Agricole Launches EURXT, a MiCA-Compliant Euro Stablecoin on Ethereum 3. Uniswap Is Now Live on the Robinhood Chain 4. Cloudflare Launches Monetization Gateway Supporting Stablecoin Payments via the x402 Protocol 5. U.S. #HYPE Spot ETF Sees Total Net Inflows of $2.8547 Million in a Single Day 6. Drift, a @solana Ecosystem Perpetual Contracts Exchange, Announces Name Change to Velocity 7. Venice AI Completes Series A Funding Round, Raising $65 Million at a $1 Billion Valuation 8. @solana launches an on-chain governance mechanism; proposals must secure 15% staking support to be eligible for voting 9. Arcus, a decentralized exchange developed by the dYdX team, has launched on Robinhood Chain and received investment from Robinhood Crypto 10. ParaFi Capital continues to increase its SKY holdings, adding $56 million to its position, with a total loss of $1.72 million on the position

  • threepointone
    sunil pai (@threepointone) reported

    is there interest in a 4k+ word deep dive in building reliable agent loops (on cloudflare and elsewhere) writing down what I've done for building agents resilient to catastrophic failures on clients/servers/inference (with zero user code) and I need to get it out of my brain

  • danyelgphoto
    📷 Daniel 📷 (@danyelgphoto) reported

    @awscloud Hi AWS Support. I'm stuck in a loop with a copyright infringement report. Cloudflare identified Amazon as the hosting provider and forwarded my DMCA, but AWS Trust & Safety replied that they couldn't identify any AWS resource and referred me back to Cloudflare. Is there any way to escalate this or have Trust & Safety review the case again? I have the case number if needed.

  • WildWhy_v3_44
    15 dollars (@WildWhy_v3_44) reported

    is cloudflare down or does RYM just not like me

  • thomasgauvin
    Thomas Gauvin (@thomasgauvin) reported

    @joelrunyon @nickgraynews @Cloudflare can confirm humans decided on the new ui for emails we moved email routing from a feature of a domain, to a feature of email service which is a top level product (which includes both routing and sending) what setup steps are unclear? what "locks" are you encountering?

  • imhaoyi
    Yi (@imhaoyi) reported

    Oracle’s 4-core 24GB setup for Hermes was overkill and not worth it. Just migrated everything over to Google Cloud’s free tier today — a basic 2 vCPU, 1GB RAM VM. The standard network tier gives 200GB egress per month (no CDN or Cloudflare needed). More than enough. Only three regions offer free VMs. Picked us-west1 since it’s closest to Asia. e2-micro machine type, standard persistent disk up to 30GB, network tier set to standard for the bandwidth. Allow HTTP/HTTPS in the firewall, disable disk protection, and skip Ops Agent — those two are paid features. Migration was straightforward. Installed Hermes on the new VM, packed up what I needed from the old server, uploaded and extracted it, then ran hermes doctor and hermes setup. That’s it.

  • allday_stocks
    alldaystocks | 24/7 Market News (@allday_stocks) reported

    $NET Cloudflare Launches New Tools for the Agentic Internet • Cloudflare introduced new AI traffic controls, analytics, and commercial partnerships to help site owners manage how AI companies access and monetize their content • Starting September 15, new default settings will allow AI search while blocking AI training and agent use on ad-supported pages for qualifying customers • Cloudflare is expanding its Pay Per Crawl initiative into Pay Per Use, enabling publishers to be compensated when their content is used by AI systems

  • kunchenguid
    Kun Chen (@kunchenguid) reported

    i hope 2026 is the last year where we still have to manually click through any website to set things up in the last month, google cloud and app app review are the two repeated offenders that still need manual click-throughs - bad by contrast, github, cloudflare, hetner etc are pretty much entirely configurable by agents - good (why not computer use / browser automation? because i don't want to expose secrets in plain text and let the agent type them via keystrokes and capture them into screenshots)

  • beingakramraja
    𝐀𝐤𝐫𝐚𝐦 (@beingakramraja) reported

    Akash is processing 1.7 billion tokens every single day on openrouter right now outpacing cloudflare venice, elizaos, morpheus, gensyn all paying customers running real ai workloads on akash the narrative isn't that akash could become the decentralized aws. it's that it already is for a growing list of ai companies who need cheaper compute akash just launched homenode beta people with rtx 4090s and 5090s sitting at home can now connect their gpu to the network and earn from ai inference demand this changes the supply side completely instead of relying on 58 enterprise providers, the network starts pulling in consumer hardware globally more supply means more competitive pricing which means more demand which means more akt burned the things akash is building that most ct hasn't priced in yet virtual machines launching this quarter enterprise workloads that couldn't run on containers now can starcluster acquiring 7,200 nvidia gb200 gpus protocol-owned compute at hyperscale confidential computing via tee the feature enterprises require before migrating serious workloads $akt is at $0.62 the roadmap reads like a company that's two quarters away from being unignorable

  • ScangineApps
    Scangine (@ScangineApps) reported

    @RubiesUnleashed Visibility is problem for the whole internet for the last 5 years! Once all was hidden behind search engines. Now it is LLM chatbot/searchengine/cloudflare filters and few very restricted social media sites. Past was hunger for information, now it is hunger to share information

  • SYGNITO
    SYGNITO (@SYGNITO) reported

    Especially for the release of Fable 5, I’ve prepared a prompt to audit our web and mobile applications: MASTER SECURITY AUDIT PROMPT - Claude Code Usage: paste the block below into Claude Code at the root of your project. Optionally prepend context: stack (e.g. Next.js + Supabase), deployment target, and whether the app collects user data. You are acting as a senior application security engineer performing a full pre-launch security audit of this codebase. Work systematically through every phase below. For each finding, report: file/location, severity (CRITICAL / HIGH / MEDIUM / LOW), what's wrong, exploit scenario, and the exact fix (code or config). Do not skip a phase because it "looks fine" - verify by reading the actual code and config. Phase 0 - Recon Map the stack: framework, auth provider, database, hosting, payment/AI/third-party APIs. List every API route / server endpoint and every public form. List every place user data is collected, stored, or transmitted. Phase 1 - Legal & Data Exposure (protect the owner, not just the app) Identify all personal data collected (emails, names, IPs, analytics, cookies). Check: is there a privacy policy? Is data storage location/provider documented? Flag anything triggering GDPR/CCPA obligations (EU/CA users, tracking, third-party data sharing) that isn't covered. Output a short "data map": what is stored, where, for how long, and who can access it. Phase 2 - Row Level Security / Data Access If Supabase (or Postgres): verify RLS is enabled on every table and inspect each policy. Flag any table with zero policies or with USING (true) on sensitive data. Verify the anon key cannot read/write anything a logged-out visitor shouldn't touch. Simulate: "what can I fetch with just the anon key from DevTools?" Check for IDOR: can user A read/modify user B's rows by changing an ID in a request? Phase 3 - Auth Failure Paths (not the happy path) Trace the code for each scenario and flag missing/unsafe handling: Wrong password entered 5+ times (lockout / throttling?) Password reset for a non-existent email (does the response reveal account existence?) Verification link clicked twice / expired token reuse Sign-up with an already-registered email (enumeration leak?) Session handling: expiry, invalidation on logout, token storage (localStorage vs cookie) Phase 4 - Security Headers & Baseline Posture Verify presence and correctness of: Content-Security-Policy, Strict-Transport-Security, X-Frame-Options / frame-ancestors, X-Content-Type-Options, Referrer-Policy, Permissions-Policy. Check cookie flags: Secure, HttpOnly, SameSite. Check HTTPS enforcement and any mixed-content risks. Provide the exact header config for this framework (next.config, middleware, vercel.json, etc.). Phase 5 - OWASP Top 10 Sweep Audit explicitly against OWASP Top 10. Prioritize: Injection: raw SQL, string-built queries, unsanitized input reaching DB/OS/shell. XSS: dangerouslySetInnerHTML, unescaped user content, unsafe URL handling. Broken access control: server-side authorization on EVERY protected route/action - not just hidden UI. SSRF, insecure deserialization, vulnerable dependencies (run npm audit / check lockfile). For each hit, show the vulnerable line and the patched version. Phase 6 - Server-Side Validation Rule: client-side validation is UX, not security. For every input the client validates, confirm the server re-validates (type, length, format, ownership) before use. Flag any endpoint that trusts request body/params/headers without a schema (zod/valibot/etc.). Check file uploads: type, size, storage path, filename sanitization. Phase 7 - Secret & Data Leaks (the 3 classic AI-generated leaks) .env values reaching the frontend: audit every NEXT_PUBLIC_ / VITE_ / client-bundled env var. Confirm nothing sensitive is exposed. Grep the build output if possible. API responses over-returning: endpoints that SELECT * or serialize whole objects (password hashes, tokens, internal fields, other users' data). Enforce explicit field allowlists. Secrets in logs: console.log / logger calls printing tokens, request bodies with credentials, full error objects with connection strings. Phase 8 - API Keys in the Browser Any paid/privileged API key referenced in client code = game over. Assume it's already stolen. For each one found: propose the server-side proxy route or edge function that replaces it, with auth + rate limiting on that proxy. Phase 9 - Rate Limiting & Cost Protection Every endpoint hitting a paid API (LLM, email, SMS, storage) MUST have rate limiting. Verify per-IP and per-user limits. Check for unbounded loops/retries that can multiply costs. Verify usage caps/alerts exist at the provider level (Supabase/OpenAI/Anthropic spend limits). Propose concrete middleware (e.g. Upstash Ratelimit, in-memory for small apps) with sensible defaults per endpoint. Phase 10 - Bot Protection & CORS Public forms (signup, contact, waitlist): verify CAPTCHA (Cloudflare Turnstile preferred - free) or equivalent. CORS: must be locked to the production domain(s). Flag *, reflected origins, or missing config. Show the correct config for this stack. Phase 11 - Error Messages That Don't Leak User-facing errors must be generic ("Something went wrong", "Invalid credentials") - never stack traces, SQL, file paths, or library internals. Full errors go to server-side logs only. Auth errors must not enable enumeration ("user not found" vs "wrong password" - use one message). Flag every res.send(error) / throw that surfaces raw error objects to the client. Phase 12 - Dependencies & Supply Chain Run npm audit (or equivalent) and triage results: exploitable in THIS app vs noise. Check lockfile integrity: is it committed? Any dependencies pulled from *** URLs or unpinned versions? Flag abandoned packages (no release in 2+ years) in security-critical paths (auth, crypto, parsing). Check for postinstall scripts in dependencies that could exfiltrate env vars. Phase 13 - *** History & CI/CD Secrets Scan *** history for committed secrets (keys, tokens, .env files) not just current tree. Recommend gitleaks or trufflehog and interpret results. If a secret was EVER committed: it must be rotated, not just deleted. List every secret needing rotation. Audit CI/CD config: secrets exposed in build logs, PR builds from forks with access to secrets, deploy tokens with excessive scope. Phase 14 - Payments & Webhooks (if applicable) Webhook endpoints (Stripe, LemonSqueezy, etc.): verify signature validation on every incoming webhook. Unverified webhook = anyone can grant themselves a paid plan. Idempotency: can a replayed webhook double-credit an account? Price/amount must come from the server, never from the client request. Check for premium-feature gating done only in UI (flag server-side entitlement checks). Phase 15 - Business Logic Abuse Race conditions: double-submit on purchase, redeem, or vote endpoints (parallel requests bypassing "once only" checks). Negative or absurd values: quantity -1, amount 0.001, array of 10,000 items in one request. Workflow skipping: can a user hit step-3 endpoint directly without completing step 1–2 (e.g. unverified email accessing verified-only features)? Coupon/referral/free-tier abuse: what stops one person from creating 500 accounts? Phase 16 - Mobile-Specific (if this is or ships a mobile app: native, React Native, Flutter, Capacitor, Godot export) Secrets in the binary: assume the APK/IPA will be decompiled. Grep bundled code/assets for API keys, endpoints, feature flags. Anything privileged must live behind your server. Secure storage: tokens/credentials in Keychain (iOS) / Keystore (Android) — never SharedPreferences, plain files, or AsyncStorage unencrypted. Transport: TLS everywhere; flag any usesCleartextTraffic=true / ATS exceptions. Consider certificate pinning for high-value APIs and document the tradeoff (pinning + expired cert = bricked app). Deep links / intents: validate and sanitize all deep link parameters; flag exported activities/intents (Android) that expose internal screens or actions. Verify OAuth redirect URIs can't be hijacked by another app claiming the scheme. WebViews: JS bridges (addJavascriptInterface, postMessage) exposing native functions to loaded content; loading remote URLs in privileged WebViews. Permissions: request the minimum; flag any permission not backed by a real feature. Client trust: server must never trust the app's claims (purchases → verify receipts server-side with Apple/Google; game scores/currency → server-authoritative). Update path: can old vulnerable app versions be force-deprecated (minimum version check)? Phase 17 - AI/LLM Endpoints (if the app calls LLMs) Prompt injection: user content concatenated into system prompts; document/URL content passed to the model that can carry instructions. Verify untrusted content is delimited and the system prompt treats it as data. Output handling: LLM output rendered as HTML/markdown (XSS via model output), executed as code, or used in DB queries without validation. Cost abuse: per-user token/request caps, max input length enforced server-side, streaming abort on disconnect. Data leakage: user A's data appearing in context for user B (shared caches, conversation history keyed incorrectly). System prompts containing secrets - assume system prompts can be extracted. Phase 18 - Infrastructure & Storage Storage buckets (Supabase Storage, S3, R2): public/private per bucket verified; signed URLs with sane expiry; no listing enabled on private buckets. Admin panels / internal dashboards: not reachable on production domain without auth; no default credentials. Database: backups enabled and tested; connection not exposed publicly; least-privilege DB roles (app doesn't connect as superuser). Staging/preview environments: same protections as ****, or no real data in them. Preview deployments (Vercel) with **** env vars = shadow ****. Phase 19 - Monitoring & Incident Readiness Would you KNOW if you were breached? Verify: error tracking (Sentry etc.), auth anomaly visibility (mass failed logins), billing alerts on all paid APIs. Audit log for sensitive actions (role changes, data exports, deletions) who did what, when. One-page incident checklist exists: how to rotate every secret, how to invalidate all sessions, how to take the app offline. If not, generate it as part of this audit. Final Output Produce: Executive summary - overall posture in 3 sentences. Findings table sorted by severity: # | Severity | Phase | File | Issue | Fix effort (S/M/L). Fix plan - ordered list starting with CRITICALs; group quick wins (<10 min) separately. Rotation list - every secret that must be rotated (from Phase 13), separate from code fixes. Offer to apply the CRITICAL fixes immediately, one at a time, with a diff for each before applying. Skip phases that don't apply (state why: "Phase 14 skipped - no payments in this app"). Do not invent findings. If a phase is clean, say so explicitly and state what evidence you checked.

  • Mike_Preston17
    Nicholas Preston (@Mike_Preston17) reported

    @PLOwingPots @DevLeaderCa You really should learn C and C++ to understand the fundamentals, etc. I say this as a C# dev who went C -> C++ -> Java -> C#. You won't appreciate the 'better' language nearly as much if you don't at least suffer from the shortcomings of its successor language. I suffered pointer and stack overflows from C++ and that taught me to not be an idiot with my memory. Rust babies devs too much, imo - that's what (again, imo) led to the Cloudflare outage: too much trust in the compiler and willfully ignoring the dynamic nature of data in production (which NO language can account for).

  • StanleyMasinde_
    John Doe (@StanleyMasinde_) reported

    @SamProgramiz I’m glad you’re now seeing that Rust is not babysitting programmers on line one. It just makes you acknowledge your mistake. A panic caused a Cloudflare outage earlier this year. On paragraph 2, Rust will not even compile. Yes memory safety goes beyond nulls. If the language doesn’t handle an illegal reference, the hardware will send an interrupt and the kernel will kill the entire program. Now imagine you have. // processing some stuff Foo() passes bar() fails with an interrupt or NPE fizz() is completely skipped. Your program just corrupted data because null possibility was ignored.

  • Habiboooo4
    HAB1B0 German Raffleking 🇩🇪🇹🇷👑{🦅} (@Habiboooo4) reported

    @Signulous Your cloudflare is down

  • trudydehacker
    Shantanu Dhanuka (@trudydehacker) reported

    @CloudflareHelp Hi, My domain DNS on cloudflare and hosted on CF Pages is returning Warning - Suspected Phishing - This website has been reported for potential phishing. This is happening only with the homepage, inner pages are working fine. We raised multiple ticket Pls help

  • elie2222
    Elie Steinbock ~ getinboxzero.com (@elie2222) reported

    Got a Vercel bill down from $4,200/mo to $120/mo. Some notes: - This is a free B2C product that went somewhat viral. - To get cost down I first optimised Vercel itself. Better caching. Move images to Hetzner / Cloudflare / AWS. - I also switched off server rendering. This product didn't need it. Moved everything to SWR. These changes were needed for better caching. - The big drop at the end is because I moved a lot to a Hono server on Hetzner. - I reused an existing Hetzner server so there were no extra costs there. But even if using a new one, the extra cost would have been only another ~$30/mo. - For B2B products it's usually not worth worrying about. This product had 15k+ signups in the last month. If you have thousands of paying customers, you're making 7 figures per year and a few k to Vercel isn't critical. This product was free, so it was painful to be burning dollars on it. - No need to waste money you don't need to, but the peace of mind with Vercel handling any scale, and you having zero DevOps is a major plus. - You can always make the adjustments I did. It's easy with AI. You're not locked in forever. - The switch I made to Hono was a simple one. It doesn't have load balancing. The server should hold up, but for a B2B SaaS I'd invest more time in a stable setup (which would also cost more time and money). - Vercel makes less sense for a B2C app that goes somewhat viral. It's still my go to every time, but need to be ready to move if you do see some real growth. - The product still uses Vercel. But many of GET requests now go to Hono. PS, this isn't for @inboxzero_ai which is prosumer/B2B focused and isn't free (other than 7 day free trial).

  • stevy_smith
    Steve Smith (@stevy_smith) reported

    @WillPapper @Cloudflare do you think you'd look to support MPP too?

  • olvrgln
    Oliver (@olvrgln) reported

    @auxten @arundsharma We have a similar issue with workers. For now thinking of rewriting some core rust services into ts just for cloudflare. Very curious if you solve this and how

  • jasper_disney
    Jasper Disney (@jasper_disney) reported

    As an unsuccessful app builder, I only need to pay 5 dollars to Cloudflare each month. Life is not that bad.

  • games_inu
    Inu Games (@games_inu) reported

    @EddCoates @mishuba All those people saying "use Cloudflare" cannot just check the ip and see that it is Cloudflare, unbelievable! Btw, what I do now is to block cloud providers by AS number, seems to help a little.

  • turnpike402
    Turnpike (@turnpike402) reported

    The announcement from Cloudflare today is a huge step forward for the x402 ecosystem. Part of the problem at this early stage is convincing AI companies that they'll need to pay for what they scrape - CF is a loud voice telling them otherwise.

  • Nitewalkar
    Nitewalkar (@Nitewalkar) reported

    Day 4 of building with Grok Build and using Openclaw to manage what I build. We have made; - Fully Functioning POS App - tailacale - pull from open inv - create new sale - return/refund - Android ready. - Fully Functioning Ops App - work orders - forms - compliance docs - service agreements - calendar - team message board (avail on web) - cloudflare w/ms auth - upload purchases Clawbot Learning - email booking -> work order and draft invoices - email purchase receipt -> update PO, draft purchase/bill - email scan and monitoring - calendar management Websites - hosted docker on backend - rebuilt exclusovely with build - need fine tuning and revision then go live!!!!!!! Next - shared inbox/alias config for custom ms auth logins on one license ms365... ● Saving $700/year in GoDaddy. ● 1.19%/transaction on POS. ● 1-2h/day in admin time saved with OPS ● Clawbot monitors/manages space on always on pc. ● Build script monitors drive and pc it lives on with cron script. Reads logs and fixes issues. SEND MOAR CREDS BROS!!! THIS IS AMAZING!!!!!!! Entrepreneurs ********* @grok @xai @openclaw

  • StanleyMasinde_
    John Doe (@StanleyMasinde_) reported

    Cloudflare will not fix your architecture issues. Like here, the upstream server is down. Cloudflare shines on static sites. For back end apps on a single VPS, it’s like using a spade to eat. You’ll still have a small mouth. If you want to utilise Cloudflare for your backend, use Workers. You’ll also need a way to ensure you have databases close to the edge so that a user on Australia doesn’t have to query data from London. Or AWS… In your case, the only benefit is Cloudflare hiding your origin IP. There’s not performance benefits. Just an unnecessary extra network hope.

  • makisuo
    Makisuo (@makisuo) reported

    Can anyone @Cloudflare help me with the startup program, I applied back in april and still haven't heard back :(