1. Home
  3. Companies
  5. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 44% Domains (44%)
  • 27% Cloud Services (27%)
  • 17% Hosting (17%)
  • 8% Web Tools (8%)
  • 4% E-mail (4%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
Farmers Branch Web Tools 1 day ago
Helsinki Cloud Services 4 days ago
Crisfield Domains 6 days ago
Nanaimo Web Tools 7 days ago
New York City Web Tools 7 days ago
Istanbul Domains 10 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • trevorlasn
    Trevor I. Lasn (@trevorlasn) reported

    @Cloudflare passkeys for daily auth, manager for everything stuck on legacy login. cant fully kill the manager til every site supports passkeys

  • KalebZen
    Kaleb Zen (@KalebZen) reported

    @Cloudflare I am a 30 year developer working in an enterprise, and I have never used one.

  • anyxnow
    any (@anyxnow) reported

    @Cloudflare ok but @cloudflare how do i connect my apple account after i registered with the original apple email? using apple login just creates a new account for me :(

  • MarioNawfal
    Mario Nawfal (@MarioNawfal) reported

    🇺🇸 FBI Director Kash’s merch site BasedApparel. com got hacked/compromised with some ClickFix malware Fake Cloudflare page tricks macOS users into pasting Terminal commands → straight-up steals browser passwords + crypto wallets. The site is currently down (for obvious reasons) Source: PC Mag

  • cjsneo
    Neo (@cjsneo) reported

    cloudflare do such a good job on their services, but their actual interface is a total crock of ****. cant even log in half the time

  • Hacksore
    Hacksore (@Hacksore) reported

    No WAF No gRPC/protobufs No Kubernetes No service mesh No 17 layers of observability (Jaeger + Prometheus + Grafana + OpenTelemetry + whatever new **** dropped this week) No "eventually consistent" 8 microservices with Kafka between them No Cloudflare + 3 CDNs + edge functions No "we use hexagonal architecture" No Terraform for 47 resources No "left shift security" bullshit yeah it's not that complicated

  • takshshahh
    Taksh Shah (@takshshahh) reported

    @Thom_K_NL @Cloudflare Well the dashboard wouldn't even open for me yesterday so I'll say they have bigger issues

  • axilyng
    axi (@axilyng) reported

    @Cloudflare Passkeys are extremely inconvenient and keeps having way too many issues. I'm never using them again.

  • MrBison85
    My Info (@MrBison85) reported

    @miyaopookie @dm4uz3 I jumped on before it went down and couldn't reproduce the issue i did get cloudflare to do its auth and let me browse for a bit before i lost interest in the lies of a confused "computer nerd" that can't tell maintenance from an attack.

  • jonnyMarshal
    Jonathan (@jonnyMarshal) reported

    @Cloudflare I can’t login to my dashboard for over 30mins now!

  • wickedguro
    Nevo David (@wickedguro) reported

    Postiz is currently on $105k MRR. My infrastructure is actually very cheap: > Railway = ~$200/m > CloudFlare R2 = ~$160/m, it's too damn cheap > X = $1000/m, yes, yes, you have to move to their PPU (good for me, it will remove some competitors) > Transloadit = $800/m > ChatGPT credits = $200/m

  • michael_chomsky
    Michael (@michael_chomsky) reported

    @albert_ @retrovrv the problem is that being Cloudflare native makes consumer economics feasible but makes BYOC much harder

  • bykarthikreddy
    Karthik Reddy (@bykarthikreddy) reported

    @abhijeet_dipke - The website's domain was put on "clientHold" status by its registrar (Hostinger). - When this happens, the website's address stops working, so Google and Cloudflare can't find it and show NXDOMAIN (website does not exist). - Earlier, the site was still reaching Hostinger's servers but showed 403 Forbidden, meaning the server was active but access was blocked. - This usually happens because of issues like unpaid bills, missing verification, or registrar policy actions. - It does not look like a government internet block. - Since the domain is only a few days old, it's more likely that the website owner or hosting provider caused the shutdown than any government agency.

  • StrangeWill
    William Roush (@StrangeWill) reported

    @eastdakota @ariesrclark @Cloudflare Yeah, the problem is it was *highly* misleading, I had people linking me this article asking if we can deploy Matrix this way only to find out it was edited by the time I got around to it, made more clear it's a proof of concept, while removing evidence of what was half-assed in the PoC (that's... really ethically questionable). Also misses *a lot* of what makes running Matrix a PITA, it isn't running Postgres and Redis, it's framing the entire premise incorrectly. You can play "we don't hold people accountable for AI slop in this day and age" but it's still ****.

  • mSanterre
    max (@mSanterre) reported

    @michael_mzl It's not just devs. Most of these layoffs are 20-30% devs, tons of recruiters, support staff, HR, etc. CloudFlare recently let go of a ton of people, but it was 90% support staff.

  • IanSmith_HSA
    Ian Smith (@IanSmith_HSA) reported

    @FutureDies @conordeegan For wallets, ETH can push the signature verification to the edge devices. The chain has a goal of finishing the upgrades by 2029. Google and cloudflare warned that the network migration needs to be done by Jan of 2029. The signature scheme, network protocol and interchain tech is hard to change. XX will sometimes admit they haven't changed these parts of Substrate still. They are relying on delayed last minute consensus upgrades, 'trust us' and marketing lies.

  • _ChrisCovington
    Chris Covington (@_ChrisCovington) reported

    @AlanNeveu @vpetryniak @Cloudflare yup most have them builtin, they are basically the same thing from the managers pov. also yes the platform issues with these are 99% of the headache, not the tech itself lol

  • IntentSim
    marcelo mezquia (@IntentSim) reported

    Stopping the bad guys with Cloudflare: 15,548 malicious requests blocked or challenged in the last month #cloudflare #intentsim #mezquiaphysics

  • DrAmir0078
    Amir Fadhel (@DrAmir0078) reported

    Cloudflare is down, seriously scary! #cloudflare

  • tebayoso
    Jorge (@tebayoso) reported

    @Cloudflare Then add a button to login with Passkey, it's used only as 2fa.

  • TeeDevh
    Vu. (@TeeDevh) reported

    Is Cloudflare currently down?

  • poyhen
    furkan (@poyhen) reported

    is the @Cloudflare dashboard down?

  • misu_ciidr
    Misu (@misu_ciidr) reported

    Anthropic’s Claude just uncovered over 10,000 high and critical vulnerabilities in a single month, including 2,000 in Cloudflare and hundreds in Firefox. It even caught and stopped a $1.5 million wire fraud in real time. Now companies are literally begging Anthropic to slow down because they can’t patch fast enough. And that’s the stuff built by pros. Now imagine the flood of ‘vibe coded’ apps and SaaS products hitting your phone, laptop, and desktop, all churned out by the same Claude.

  • notesfrom641
    OpaquePredicate (@notesfrom641) reported

    @deteccphilippe Why do you reserve the right to make permanent changes to their installation? Who gives you that right? Imagine if a Cloudflare petitioned Chrome for an API to make changes like this to block 'bots'. Would you support that? Because if you do, you are against personal computing.

  • notesfrom641
    OpaquePredicate (@notesfrom641) reported

    @honkinwaffle @stupidtechtakes it's bad enough that you have to reinstall your OS just for breaking TOS on some stupid game if cloudflare did this to stop 'bots' there'd be an uproar, this is the same thing.

  • buildsolo_x
    @buildsolo (@buildsolo_x) reported

    Spent 2 hours debugging BlackRabbit today. A new feature I’ve been building for the past week kept failing, while the rest of the extension still worked. So I checked the worker. Checked the prompt. Checked Gemini. Checked the extension state. The real issue? Cloudflare free-tier limits. Sometimes the bug is not in your code. Sometimes your infrastructure is just quietly asking you to upgrade.

  • ruff_idachi
    Rufus Idachi (@ruff_idachi) reported

    @Cloudflare I've been trying to purchase a .com domain for the past two days, and the purchase just can't get through. I checked my paying card. It is okay with enough balance to cover the cost + charges + tax. Support can't bother to get back to me.

  • Speakin4All
    Bharat Bharti 🇮🇳 (@Speakin4All) reported

    @abhijeet_dipke Client hold means the owner of the website has locked the domain name from unauthorised transfer. It's a take down of website by owners. May be they misconfigured Cloudflare on-boarding. This is not a hosting or domain name migration, it's just improving the web security.

  • VirgocuteUwU
    Virgo (@VirgocuteUwU) reported

    @ao3Learning Hey, i can’t pass through the cloudflare gate in the app. Can you fix it pls?

  • LisaMonaAi
    LisaMonaAi (@LisaMonaAi) reported

    @morganb @nejatian per Grok. 1. Precise Technical Explanation Cloudflare acts as a reverse proxy, CDN, and Web Application Firewall (WAF) for millions of sites. When a request hits one of their edge servers, they evaluate dozens of signals (IP reputation, request patterns, headers, ASN metadata, etc.). Error 1005 specifically triggers when the site owner has explicitly banned the Autonomous System Number (ASN) tied to your incoming IP address. An ASN is a globally unique identifier (e.g., AS9009, AS4134) assigned by regional internet registries (RIRs) to a single network operator—your ISP, a VPN provider’s backbone, a cloud hosting provider, a mobile carrier, or a data center. It represents an entire block of IP prefixes (often thousands or millions of addresses) that share the same routing policy. Blocking at the ASN level is far more efficient than listing individual IPs; Cloudflare’s IP Access Rules and Firewall Rules support this natively. The Ray ID (9ffd6722adaa29d6) is a unique, per-request fingerprint generated by Cloudflare. It is not personally identifiable to you, but it allows the website owner to instantly query their Security > Events log (or Security Events analytics) and see exactly which rule, threshold, or custom firewall policy triggered the ban for this exact connection. The UTC timestamp confirms this was a live event today (May 22, 2026). It is not cached or historical—it reflects the moment Cloudflare’s edge server rejected the request. In short: Cloudflare is not banning you. The site owner told Cloudflare, “Never let anyone from this ASN reach my origin server.” 2. Root Causes – Why This Happens (Most Common to Rare) From threat intelligence patterns and Cloudflare’s own documentation/community data: VPN / Proxy / Residential Proxy Networks (by far the #1 trigger) Popular VPN providers (Proton, ExpressVPN, Nord, Windscribe, etc.) and scraping proxies frequently ride on well-known ASNs (e.g., AS9009 – M247, a data-center-heavy provider). Many sites proactively ban these because they are associated with high abuse rates: credential stuffing, price scraping, account farming, DDoS-for-hire, or geo-restriction circumvention. High-abuse ISP or Data-Center ASN Certain residential ISPs, mobile carriers, or budget hosting providers accumulate poor reputation scores on blocklists (DroneBL, Spamhaus, etc.). One bad actor on the network can taint the entire ASN. Site-Specific Security PolicyThe owner enabled Cloudflare’s Bot Fight Mode, Super Bot Fight Mode, or custom WAF rules that automatically tag and block suspicious ASNs. Manual IP Access Rule or Firewall Rule created after previous abuse from that network. Rate-limiting thresholds exceeded in the past (e.g., too many requests from the same ASN in a short window). Edge Cases & NuancesTemporary vs. permanent: Some sites set time-limited ASN blocks (e.g., 24–72 hours after detected scraping). False positives: Legitimate users on shared infrastructure (corporate VPNs, university networks, privacy-focused ISPs) get caught. Regional overblocking: Your Miami, Florida location (U.S. East Coast) is generally low-risk, so this almost certainly points to a VPN/proxy or a specific ASN reputation issue rather than geographic targeting. IPv6 vs. IPv4: Some sites block only one protocol’s ASN. 3. Security Implications (Defensive Strength vs. Collateral Damage) Strengths: Extremely effective against automated attacks. Scrapers, bots, and brute-force tools love VPN/data-center IPs because they are cheap and disposable. ASN-level blocking stops entire botnets in one rule. Reduces origin-server load and mitigates DDoS amplification. Allows site owners to maintain a clean threat model without constant manual intervention. Weaknesses & Risks: Overblocking: Legitimate users lose access (e.g., journalists, researchers, travelers using VPNs for public Wi-Fi safety). Evasion arms race: Sophisticated attackers simply rotate to new residential proxy ASNs or compromised devices, while average users suffer. Single point of failure: If the site’s Cloudflare configuration is overly aggressive, it can create availability issues or denial-of-service against its own audience.