1. Home
  2. Companies
  3. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 36% Domains (36%)
  • 29% Cloud Services (29%)
  • 14% Web Tools (14%)
  • 14% Hosting (14%)
  • 7% E-mail (7%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
New York City Hosting 2 days ago
Manchester Domains 22 days ago
Angers Cloud Services 1 month ago
London Domains 1 month ago
Noida Hosting 2 months ago
Jewar E-mail 2 months ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • Alexvx_nft
    ALEXYZ (@Alexvx_nft) reported

    YOU'RE BURNING API DOLLARS ON TASKS THAT HAVE A FREE PATH. MOST BUILDERS USE EXACTLY ZERO OF THEM. — Zefi mapped every major lab's free tier for a week (verified July 2026) most people pay before they even check what's unclaimed: > Google AI Studio · ~1,500 req/day · 1M tokens/min · no card > Groq · 14,400 req/day · 300+ tok/sec > OpenRouter · ~26 free models · one API key > OpenAI + Anthropic · $5 trial credits each > startup stack · $25K + $25K API · up to $350K Google Cloud > student stack · Cursor Pro + Perplexity + Copilot = $0 full dev setup — the Claude Code hack is the part nobody bookmarks: point ANTHROPIC_BASE_URL at Groq / Cloudflare / OpenRouter agentic loop on free third-party inference not official. works anyway. — same week GPT-5.6 tier routing went viral and loops guides hit 1.2M views CT still argues model scores while leaving $440+ in free access on the table the leak isn't which model you picked it's which free path you never claimed full map quoted below

  • kimmonismus
    Chubby♨️ (@kimmonismus) reported

    Every Sunday we publish an exclusive interview in the Superintelligence newsletter. The last few: - Ahmed Awadallah, Partner Research Manager at Microsoft Research AI Frontiers, on small on-device agents that go toe to toe with the giants. - Phil Gurbacki, VP of Product for Weights & Biases at CoreWeave, on a research agent that reads your experiments and launches the next training run itself. Akshay Kothari, Co-Founder and COO of Notion, on a million custom agents. - Coming up: Cloudflare, Google Cloud, and several more I can't announce yet. - The part I still find hard to believe is that I get to sit down with the people actually building this. Every week, someone new. Subscribe for free down below:

  • formatpal
    Stake Exposed ⚖️ (@formatpal) reported

    @Stake Code Segregation and Infrastructure Concealment To protect the development team and systematically obfuscate the physical location of the backend infrastructure, a highly secure code-deployment strategy is enforced: Siloed Access (Microservices Dependency): No individual developer in Belgrade has access to the complete monolithic codebase. Tasks are strictly divided: one engineer manages the wallet integration, another maintains a specific game, and a third works on the Risk Engine. Automated CI/CD Pipelines: Code written in Belgrade is committed to enterprise GitHub/GitLab repositories and deployed automatically via secure pipelines (using Docker, Kubernetes, and Terraform). The code is deployed directly to cloud servers hosted by Amazon Web Services (AWS) located in Frankfurt (Germany) and Dublin (Ireland) to minimise latency for European and Middle Eastern players. Cloudflare Enterprise Cloaking: The backend servers are never directly exposed to the public. All incoming traffic is routed through Cloudflare's Enterprise reverse proxy, which masks the real AWS IP addresses. When users attempt to trace the platform's servers, they see IP addresses mapped to the US or Western Europe, completely masking the technical engine room operating from Belgrade.

  • InderpreetSingh
    inder (@InderpreetSingh) reported

    I still think about this a lot. So many websites are struggling with Identity management. Standards are in shambles and enforcement is non existence. What that means is folks like Cloudflare and Vercel are shutting down all AI bots and smaller teams have no fine grained control.

  • unclebigbay143
    U N C L E BIGBAY ✨ (@unclebigbay143) reported

    Today's Engineering Concept: '𝗥𝗮𝘁𝗲 𝗟𝗶𝗺𝗶𝘁𝗶𝗻𝗴' 𝗪𝗵𝗮𝘁 𝗶𝘀 𝗥𝗮𝘁𝗲 𝗟𝗶𝗺𝗶𝘁𝗶𝗻𝗴? Rate limiting is the practice of restricting how many requests a user or system can make within a specific period. 𝗪𝗵𝘆 𝗱𝗼𝗲𝘀 𝗶𝘁 𝗺𝗮𝘁𝘁𝗲𝗿? Without rate limiting, a single user or malicious bot could overwhelm your server, degrade performance, or abuse your APIs. 𝗥𝗲𝗮𝗹-𝘄𝗼𝗿𝗹𝗱 𝗲𝘅𝗮𝗺𝗽𝗹𝗲 Imagine a login endpoint with no rate limit. An attacker could attempt thousands of password combinations every minute. A simple rate limit can significantly reduce the effectiveness of brute-force attacks. 𝗛𝗼𝘄 𝗶𝘀 𝗶𝘁 𝗶𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗲𝗱? Most systems track requests by IP address, user account, or API key. Once a predefined limit is reached, the server temporarily rejects additional requests, often with an HTTP 429 (Too Many Requests) response. 𝗪𝗵𝗲𝗿𝗲 𝗶𝘀 𝗶𝘁 𝘂𝘀𝗲𝗱? • 𝗚𝗶𝘁𝗛𝘂𝗯: GitHub's REST API limits how many requests you can make per hour to prevent abuse and ensure fair usage for everyone. • 𝗦𝘁𝗿𝗶𝗽𝗲: Every payment request can include an Idempotency-Key, ensuring a customer isn't charged twice if the same payment request is retried. • 𝗢𝗽𝗲𝗻𝗔𝗜: The API enforces rate limits on requests and tokens per minute, helping maintain reliability and preventing a single application from overwhelming the service. • 𝗫 (𝗳𝗼𝗿𝗺𝗲𝗿𝗹𝘆 𝗧𝘄𝗶𝘁𝘁𝗲𝗿): X limits actions such as following many accounts, liking posts, posting, or sending DMs within a short period to reduce spam and bot activity. • 𝗖𝗹𝗼𝘂𝗱𝗳𝗹𝗮𝗿𝗲: Cloudflare lets website owners configure rules like "block or challenge any IP that makes more than 100 requests in a minute" to protect against abuse and DDoS attacks. ...and almost every public API uses rate limiting to protect its infrastructure, ensure fair usage, and maintain service availability. 𝗧𝗵𝗲 𝘁𝗮𝗸𝗲𝗮𝘄𝗮𝘆 A reliable system doesn't just answer requests. It also knows when to say "not now. It's too many from YOU."

  • devsandip
    Sandip Dev (@devsandip) reported

    holy **** @Glassdoor and @indeed all i wanted was to read a few interview questions for a particular company on glassdoor. now i have spent the last 10 minutes, filling 2 otp, 5 cloudflare capthas, yes/ok/continue on like 2 dozen screens and you still want more info. **** you

  • ematt
    Matt Gibbs (@ematt) reported

    Meta gets to scrape our work for free to train its AI. We get the compute bill, engineering cleanup and downtime. Its crawler knocked one of my sites offline in the process. In a 45-minute window, meta-externalagent made ~1,210 requests. 849, roughly 70%, ended as 499s: the crawler opened them, then abandoned them. The burst hit hundreds of long-tail dynamic URLs. At the same time, usage jumped to ~2 CPU cores, memory climbed from under 1 GB to 5.4 GB, V8 exhausted its heap, and four Cloudflare health checks failed. This wasn’t a giant volumetric DDoS, and Cloudflare didn’t fail. Another app on the same server handled 126,000+ edge requests during the same window. The problem was concurrency. Abandoned requests left expensive Redis, Supabase and React rendering work running at the origin. A CDN can cache completed responses. It cannot cancel application work already underway. Our origin should have had stronger backpressure and disconnect cancellation. That’s being fixed. But a weakness in our stack doesn’t make Meta’s crawler behaviour reasonable. Meta gets the AI training material for free. Publishers absorb the compute costs, engineering time and downtime. How is that remotely fair?

  • SecureChap
    SecureChap (@SecureChap) reported

    Proofpoint researcher Rachel Rabin published a technique that turns Microsoft Entra ID error codes into a credential oracle. An attacker posts to the /common/oauth2/token endpoint using the ROPC flow and a random UUIDv4 client_id that matches no registered application. Entra replies with AADSTS50034 for nonexistent usernames, AADSTS50126 for valid usernames with bad passwords, and AADSTS700016 when both username and password are correct. The sign-in log records only the GUID; the application name field stays empty and no successful sign-in event is created. Campaign UNK_pyreq2323 ran from January through March 2026 using python-requests/2.32.3 from AWS. It generated 700,000+ client_ids by mutating the last six digits of the Exchange Online first-party app ID and tested over one million accounts across roughly 4,000 tenants, locking out 28 percent of targets. A second campaign, UNK_OutFlareAZ, began in December 2025 via Cloudflare and enumerated alphabetically from wordlists using 3.7 million fully random UUIDv4 client_ids against two million users. Two unrelated actors reached the same client_id spoofing method independently. The same observable behavior that powers normal authentication also supplies the validation signal.

  • CosminDolha
    Cosmin Dolha (@CosminDolha) reported

    If Apple were to decide to build a battery-powered SBC geared toward edge AI (inference), and just put the M1-M2 chip with 8 GB Ram, it would obliterate anything on the market, even if priced a bit higher, let’s say in the range of 300-400 USD. There are no SBC that can achieve the latency of Apple Silicon for local edge AI. But you don't really have to wait for Apple to do that (chances are, they won’t), since most of the intelligence for your edge AI projects can be easily streamed from a Mac mini to any device, including MCU (ESP32, etc.) and including outside your Network by using Tailscale or Cloudflare. Also, you can buy a refurbished Mac mini with M1, at around $280– $350. You won’t have the GPIO, if you really need them, you can use a USB-to-GPIO module, but this is for inference, so you would have your gadget built with your end-client choice, an ESP32, or some low-powered Linux, and stream inference results to it. Apple has won the edge AI hardware race; its not even close, price/performance. Maybe they don't really have to win the software stack, since that will be commodities.

  • illyamoss
    Illya Moss (@illyamoss) reported

    Publishers and journalists. STOP LOSING MONEY. Your paywall doesn't know the difference between a first-time visitor and your most loyal subscriber. Enterprise platforms fixed this years ago - for five figures a year and a cut of your revenue. I said **** that. Spent the last few days building the same tech for under $20/month, open source: → Cloudflare Workers score every reader in <2ms at the edge → Pure TypeScript logistic regression - 4 signals (frequency, recency, engagement, velocity), zero Python, zero ML infra → Upload GA4 + Stripe exports, click train, model updates in seconds → Runs on Next.js 15 + Supabase Postgres MIT licensed. No lock-in. No revenue share. No sales call. Startup Slaying Session 03. If you're a publisher watching a dumb metered gate leak subscription revenue - comment PAYWALL and I'll DM you the repo + setup guide.

  • DrewAlpha888
    drew anderson (@DrewAlpha888) reported

    The best tech opportunities often appear after the excitement cools down. $CRWD (CrowdStrike) — Don’t buy $NET (Cloudflare) — Don’t buy $CRM (Salesforce) — Buy at $158–$163 $NOW (ServiceNow) — Buy at $94–$100 $FTNT (Fortinet) — Buy at $156–$163 $ZS (Zscaler) — Buy at $140–$148 $SNPS (Synopsys) — Buy at $414–$420 $ON (ON Semiconductor) — Buy at $86–$90

  • rohan_2502
    Rohan Kulkarni (@rohan_2502) reported

    Hiring a dev. ( ya say clickbait but read full, you will get some idea ) might sound funny, so easy just add a folder and call it an hiring. right ? not actaully So it's been 2 weeks this system is running. Every agent has their own infra and some @Cloudflare workers running, so like when I say they work when I sleep - they actaully do. the rule is, agent never touches the code part. so I was using claude-code to manually setup standards and make sure things are smooth. but today, there were a lot of workers which are running but I need to have a proper idea about are they 200 ok, or some env are missing what's exactly benifits we are getting. and all technical things which I have been doing till now. So hired MISO. Now this role which have added, the work will be to just give me an update in the morning. OK this agent ran 3 workflows as regular everything is fine. Your X api limits are reached, need to add money. Getting it ? so this will act as a layer which can help me to build and code parallel. So excited to see how this performs. And if you see me launcing some micro-saas, that's build with help of "MISO"

  • ICPapprentice
    The ICP Apprentice (@ICPapprentice) reported

    $ICP Signal ♾🚨: Cloudflare just admitted the internet's business model is dead. Ads and subscriptions were built for humans who watch and keep paying. AI agents do neither. They grab the content once and leave. So the company sitting in front of a fifth of the web built a "Monetization Gateway." It swaps a 401 Unauthorized for a 402 Payment Required and collects the toll in the middle. The chokepoint just made itself the tollbooth. But here's the tell. Visa and Stripe can't clear a payment worth less than a cent. So how does Cloudflare settle it? Stablecoins. Crypto rails. The exact plumbing Web2 spent a decade calling a scam. The most powerful company in Web2 just built the future of internet payments, and it doesn't run on Web2. On $ICP, the canister ♾ that serves the content is the same thing that charges for it. No gateway. No landlord taking the toll. Cloudflare proved the agentic internet needs native settlement. They built it as a middleman. The other internet already removed the middle. See the signal♾🚨 Full article in comments

  • batuhan
    batuhan içöz (@batuhan) reported

    all the stocks i got in the last few months are down but cloudflare is up enough to cover

  • taigrr
    Tai Groot 🐧 (@taigrr) reported

    @corrieuys @vercel @Cloudflare I actually think workers might be the worst paradigm for htmx But they are worth it for those sweet, sweet durable objects 🤤

  • itsclarkholden
    Clark (@itsclarkholden) reported

    PRO TIP: Use cloudflare email routing and sending to make a custom email client for your Saas. No need to pay for support tools like Front.

  • AiOs_public
    Iaroslav Sorokin (@AiOs_public) reported

    @eastdakota @Cloudflare The talent-drain-becomes-customer-acquisition flywheel only works if the people leaving actually keep building on your infra instead of the new employer's stack. Curious how much of that Workers growth is ex-employees versus just general OpenAI ecosystem spillover.

  • NaorisProtocol
    Naoris Protocol (@NaorisProtocol) reported

    @mariozz_13_ @Cloudflare Cloudflare protects traffic in transit at the edge. It doesn't touch what's already signed and sitting permanently on a blockchain, that's a different problem entirely

  • woocassh
    Lukasz (@woocassh) reported

    Today I moved away from supabase for SubtitlesFast supabase -> SQLite I used supabase as an experiment last year. It was so easy to setup a db, few clicks barabim barabum and it's done always thought that setting up db instance on server was a pain, passwords, permissions, friction in general so supabase definitely reduced the friction but holy ****, i never realised how much latency it added to my product I moved to SQLite as per papa's @levelsio advice and my app is VISIBLY quicker on the frontend RankGoat is already on SQLite and it's a breeze also debugging with Claude is much easier now note to self: keep it simple stupid just remember to run regular backups to another server and you're golden the next experiment is to try Cloudflare for email I think and shed the Postmark bill, anyone done this yet?

  • RamseyPulse
    julian ramsey (@RamseyPulse) reported

    I’ve cut my watchlist down to 7 names. Nothing else comes close. $ANET (Arista Networks) — Buy at $174–$180 $CDNS (Cadence Design) — Buy at $358–$370 $NET (Cloudflare) — Buy at $250–$258 $AKAM (Akamai) — Buy at $117–$121 $INTC (Intel) — Buy at $102–$106 $SNPS (Synopsys) — Buy at $420–$432 $QCOM (Qualcomm) — Buy at $176–$182 If I had to keep only one, I’d choose $ANET. What’s your pick?

  • memselon
    Umut Sevinc (@memselon) reported

    Question for SaaS devs: where do you store your users files? We’re building a Framer plugin for 3D mockups (still in the kitchen). Every user uploads photos/videos to display on device screens. The trap we almost missed: storage costs nothing, it’s the WAY OUT that costs. A 13MB video stored once, but downloaded by every visitor of every landing → terabytes of bandwidth → ~€500/mo on Supabase. Our fix: Supabase keeps the scene (device, color, texture , a few KB), Cloudflare R2 serves the heavy files. R2 charges nothing for outbound bandwidth. Zero. Unlimited. Result: ~$26/mo instead of 500. Would you have done it differently? #buildinpublic

  • e_tartakovsky
    Eugene Tartakovsky (@e_tartakovsky) reported

    Googlebot still reads the web about as much as every AI crawler combined. Per Cloudflare, in July 2025 Googlebot was 39% of crawler traffic, while GPTBot was 12%, ClaudeBot about 10%, and Meta's bot under 8%. Measured across a full year, Googlebot made up 4.5% of all page requests and every AI bot together 4.2%. One crawler roughly equals the whole field. The raw fetch counts say the same. On Vercel's network in one month, Googlebot made 4.5 billion fetches, against 569 million from GPTBot and 370 million from ClaudeBot. Demand is smaller than the noise suggests too. Per Pew, 34% of US adults have ever used ChatGPT. Most searching still happens the old way. This is worth saying because companies are now writing files and changing configs specifically for AI bots, sometimes blocking the crawlers that send them the most readers. And Googlebot is the only one of these crawlers that renders JavaScript, so it is also the strictest reader to satisfy. The work that makes a page readable to AI is the same work that has always made it readable to Google: finished HTML from the server, a clean sitemap, content that does not hide behind scripts. There is no separate AI project waiting to be funded. There is the foundation you already owed Google. And Google still does most of the reading.

  • anakinHQ
    Anakin (@anakinHQ) reported

    September 15 is the Cloudflare date to watch. Mixed-use AI crawlers get blocked by default on ad-supported sites. Most AI data pipelines run a headless browser and get caught. Wire calls the XHR endpoints a site's own frontend already uses, so there's nothing to fingerprint. It's a browser problem, not a network-layer problem. Use our Wire for your data and bypass the whole thing!

  • adkinn
    Adam Kinney (@adkinn) reported

    Anyone out there need a Cloudflare admin? I've automated basically everything else. Claude and I ship apps together all day — it writes the code, wires the APIs, argues with me about naming. Genuinely a great colleague. But the second I open the Cloudflare dashboard, it goes quiet. DNS records, page rules, that one Worker route that's definitely correct and definitely not working — and Claude's just like: "That's all you, man."

  • Wrix2
    W. Rix Victory II (@Wrix2) reported

    @nikitabier My visibility is near zero and I joined around 16 years ago. Spent 6+ months with cloudflare screwing me up horribly. Stripe rejected my CashApp, but it handshakes with it elsewhere. On top of recovering from being run over by a truck, these issues have been very painful.

  • mick__net
    Mick.net - Maker: Document.Bot 🤖 BestTime.app 🎉 (@mick__net) reported

    @sumukx I like 5.6 but same here in terms of OCD chasing targets. I asked to use a cloudflare tunnel. After 1h still OCD retrying i asked why it took so long and what it is blocking it. Then it replied i need you to run ‘cloudflare login’ in the terminal for auth. I think 5.5 would have asked directly instead of trying really hard with 100’s of unsuccessful work arounds.

  • ruckiand
    Andrej Ruckij (@ruckiand) reported

    On the last few AI-visibility audits I ran, the thing making a site invisible wasn't the content — it was Cloudflare blocking the AI crawlers by default. Nobody switched it on; it's been the default since last July. Pages are fine, the bots just never get in. It's the first thing I check now.

  • talk2sunder
    Sunder (@talk2sunder) reported

    Our Teams bot went silent. Zero errors. Zero logs. Azure said healthy, Cloudflare said healthy, our servers said healthy. Slack worked fine. Same bot, same endpoint. Gave it to Claude (Fable 5). It pointed the bot's endpoint at a plain webhook listener. Microsoft's messages showed up instantly. So Teams WAS sending — something about our edge was unreachable. One openssl probe later: our CDN required TLS 1.3, and Microsoft's Teams delivery fleet still speaks TLS 1.2. No logs because of handshake failire. Fable 5 rocks.

  • NicW_AI
    Nic Wienandt (@NicW_AI) reported

    📷 A real agent browser, not a scraper. JavaScript sites, dashboards, web apps. The agent drives a genuine headless Chrome browser, reads what a human sees, and screenshots it into your workspace. AI constantly get held up by Cloudflare and robots.txt. Problem solved.

  • Sachin_is_here
    Sachin Joshi (@Sachin_is_here) reported

    Cloudflare also inserted itself at the perfect architectural layer: between users and origin servers. Once traffic already passed through its network, it could offer new products without asking customers to redesign their applications. CDN became the entry point.