1. Home
  3. Companies
  5. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 43% Domains (43%)
  • 28% Cloud Services (28%)
  • 17% Hosting (17%)
  • 9% Web Tools (9%)
  • 4% E-mail (4%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
Prievidza Domains 10 hours ago
Farmers Branch Web Tools 4 days ago
Helsinki Cloud Services 6 days ago
Crisfield Domains 8 days ago
Nanaimo Web Tools 9 days ago
New York City Web Tools 9 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • DrAmir0078
    Amir Fadhel (@DrAmir0078) reported

    @MattieTK Thanks, Matt — it is fixed now. The button returned about 2 hours later, and Cloudflare Community also confirmed the issue was fixed. Yes, I really use Pages deployment from mobile. For the last 6 months, I’ve been building and updating multiple PWA/web apps on Cloudflare. Around 15% of my deployment work happens from my phone — small fixes, urgent patches, testing, and quick feature updates while I’m away from the laptop. Typical use case: I get an idea before sleeping, while walking, or while outside the hospital, edit the app, upload the ZIP/folder, and deploy directly from mobile. Sometimes I also need to urgently debug or patch something live. So the mobile “Create deployment” workflow is not just convenience — it is part of a real on-the-go development workflow. Please keep supporting it.

  • WebDevCaptain
    Shreyash (@WebDevCaptain) reported

    I recently started exploring Cloudflare stack in depth, and they have actually built quite a lot of things, and i was actually sleeping over it. So many cool services on their edge network. The only thing that's preventing architects to move their workloads is the lack of OTel tracing for multi cloud setups

  • NotNordgaren
    The Bingus Man (@NotNordgaren) reported

    @_winter_wonders "crashed half the internet (Cloudflare)" This guy never read the Cloudflare post-mortem. Even if they handled the error there, I am pretty sure they still would have needed to crash. The actual issue was with their database, not the actual Rust code that failed.

  • HeidyKhlaaf
    Dr Heidy Khlaaf (هايدي خلاف) (@HeidyKhlaaf) reported

    @ZackKorman To be frank they specifically created an offensive model (for fearmongering) that they try to repurpose as defensive by saying exploits help "prioritize" vulns. Even Cloudflare blog notes Mythos has an advantage for exploit development rather than vuln discovery over other models

  • nstlopez
    Néstor (@nstlopez) reported

    Small Cloudflare Workers deploy debugging note: If "wrangler secret bulk --env ..." fails before deploy with code 10214, check the Worker’s latest version state. The problem may not be your secret value. Cloudflare can reject settings edits when the latest version has modified settings but is not currently deployed.

  • The_Barbiter1
    The Barbiter (@The_Barbiter1) reported

    @lesbiancima Like can we just skip to the part the wretched platform turns to a 404 cloudflare service error so everyone goes somewhere else😭

  • Goeun_6121
    Ryzm (@Goeun_6121) reported

    The internet did not suddenly get broken. Someone finally sent AI into the basement. Mozilla found 271 Firefox bugs with Claude Mythos. Cloudflare says the model was not just yelling “bug.” It could test, prove, and chain issues like a real security researcher. That is the uncomfortable part.. For years, a lot of the internet survived because the code was too old, too boring, and too annoying to inspect line by line. Now a model can do the boring part without getting tired. So the new problem is not “can we find the bugs?” Apparently, yes. The problem is the pile after that. Who checks it? Who patches it? Who tells the maintainer? Who ships the fix without breaking something else? AI made the flashlight bigger. The basement is still full..

  • NorretteM
    Norrette Moore (@NorretteM) reported

    @paullewismoney I've seen "cloudflare" issues on inheritance sites. If you recall, cloudflare had a big outage a year or two ago. It often sits between urls and ip addresses

  • bodhi3attva
    Bodhisattva🍁 (@bodhi3attva) reported

    Government block claim is misleading. Technical checks show: > Domain is on clientHold status > Public DNS resolvers like Google (8.8.8.8) and Cloudflare (1.1.1.1) now return NXDOMAIN > Website earlier resolved and returned HTTP 403 from active Hostinger infrastructure This usually indicates registrar/hosting-side restriction, suspension, or intentional access denial not a typical ISP/government block. If the government had blocked it directly, public DNS would usually still resolve the domain while access would fail at the ISP/network level through DNS poisoning, connection resets, or filtering. The owner most likely did it himself.

  • JeffSte17327059
    Jeff Steve (@JeffSte17327059) reported

    @0xBunny hosting service?? hosting what? a website? i know gitlab provides free static object hosting, so I use squarespace for domain purchase, gitlab for website assets and cloudflare for the DNS services

  • LuminousTheReal
    Lu (@LuminousTheReal) reported

    @PromeTang Hey PromeTang, I emailed support to get mine fixed. Their ai bot said it might be because of vpn, are you using it? Ask codex to tell you how to curl openai and cloudflare and see if cloudflare is blocking you. After I noticed that, I fixed it, and it's been good.

  • iraftopo
    Yannis Raft · Building RankQuest (SEO) (@iraftopo) reported

    @ClimStefan The problem with serverless hosting is the limits they have on free plans and in general. It might not be free, but a VPS is surely an awesome choice that solves that exact problem. I faced a similar problem with Cloudflare free and that's why I switched to my own VPS. A lot more freedom.

  • PickleNik0864
    PickleNik (@PickleNik0864) reported

    @developedbyed @Cloudflare damn I needed this like 3 months ago but unded up going with Mux cuz I couldn't be bothered to figure this out on top of other things. Thankfully my usage isn't high enough to hit free limits so far

  • sageasika
    Emmanuel Efe Asika 🇮🇪 (@sageasika) reported

    @TosinOlugbenga @nooriefyi Need to use OpenNext, cloudflare doesnt support a ton of NextJs features that vercel does.

  • mrloldev
    Leonardo (@mrloldev) reported

    Is cloudflare down ? Warp just stopped working and their dashboard too

  • SomuchForTHA
    ShootyShiba 🇺🇸 (@SomuchForTHA) reported

    @KiwiFarmsDotNet @Cloudflare The ADL makes themselves look bad than any of the people they try to silence.

  • techwhipped
    Robert Foster (@techwhipped) reported

    @JETIXFILO @ruskritz Also Cloudflare doesn't take down site they only send information over to the hosting provider which it up to the hosting provider to take the the site it mostly likely that site is still online Cloudflare will also be in violation of the new Take Down act also.

  • DustinGHamilton
    Dustin Hamilton (@DustinGHamilton) reported

    @jackfriks @postbridge_ @supabase You don’t need this database.. all of you younger guys buy into all this third-party extra crap You can run a local psql with some auto backups, a heztner vps with a lot of ram is like $30-40/mo and cloudflare R2 for your media, pushing it from your vps with their s3 clone api.. you could host your whole thing for $100 or less and have complete control without all these crazy third-party services you dont need I used to have a large casual game site that had 5 million uniques a day and I ran it on five clustered web servers with 3 replicated sql dbs.. everything every modern app does is complete overkill bullshit

  • aethroc
    Ruben Herz (@aethroc) reported

    Anthropic's Claude Mythos found 10,000+ critical bugs in one month — 2,000 at Cloudflare, 271 in Firefox. Only 97 patched upstream. AI finds vulnerabilities faster than engineers can fix them. That's the new bottleneck in cybersecurity. #AI #Cybersecurity #Glasswing

  • WaryaWayne
    Warya Wayne (@WaryaWayne) reported

    I just made an MCP server connected it to Claude desktop. It works and gets the render ID but the cloudflare tunnel might be blocking the iframe? It shows as a white panel. I download the html and see it in the browser. It might be a CSP or frame-src issue. Looking into it rn

  • WebDevCaptain
    Shreyash (@WebDevCaptain) reported

    "But what about traditional non-HTTP infrastructure tracking? My team runs random legacy TCP/UDP gaming, IoT, or real-time database servers." Look at Cloudflare Spectrum. It pushes unmetered DDoS mitigation and edge network acceleration way past standard L7 reverse proxy constraints. You proxy raw TCP and UDP applications directly through their global hardware lines. You can tie it into Argo smart routing to completely minimize packet loss and server-side connection congestion worldwide. #Networking #SysAdmin #DevOps

  • UdditRise
    uddit_rise (@UdditRise) reported

    Every cloud is racing to sell agents a VM: Vercel, Cloudflare, Google. Fine for 30s tasks. Breaks the moment an agent needs storage, identity, networking. Next primitive is a mini-cloud agents own, not a box they rent. Clusters are 2 orders too slow.

  • gabrielnocode
    Gabriel (@gabrielnocode) reported

    @nooriefyi What??? 22k on @vercel I'm sure you can get it down to $280/m with better quality using @Cloudflare Weird triangle company is such a scam

  • igracemt
    Igrace Mediatech (@igracemt) reported

    Real users can’t access the site. 🟢 Revenue Loss: Especially critical for e-commerce or service platforms. 🟢 Reputation Damage: Constant instability drives users to competitors. Quick Defense 1 WAF / CDN: Services like Cloudflare act as a shield, filtering “bad” traffic

  • MichaelGannotti
    Mike Gannotti (@MichaelGannotti) reported

    THE HOOK Anthropic's Project Glasswing just dropped its first update, and the headline number is staggering: Claude Mythos Preview has found more than 10,000 high- or critical-severity vulnerabilities in system-critical software — in one month. Cloudflare alone flagged 2,000 bugs (400 high/critical). Mozilla patched 271 Firefox vulnerabilities, 10x what the previous Claude model caught. This isn't a lab demo. This is production software that runs the internet. But the real story isn't the discovery rate. It's the patching rate. THE INTERPRETATION The data reveals something the headline misses: of the 23,019 total vulnerabilities Mythos found across 1,000+ open-source projects, only 97 have been patched. Not 97%. Ninety-seven total. Of 530 high/critical bugs disclosed to maintainers, only 75 are patched. Only 65 have public advisories. Let me put that in perspective: Anthropic's AI is uncovering vulnerabilities roughly 10x faster than the security ecosystem can fix them. The 90.6% true-positive rate is impressive — this isn't noise. But the funnel from discovery → triage → disclosure → patch is collapsing under volume. Several open-source maintainers have asked Anthropic to slow down disclosures because they can't keep up. Think about that: the defensive AI is outpacing the human defensive capacity, and the humans are asking it to stop telling them what's broken. THE IMPLICATION This is the most concrete example yet of what I'd call the "asymmetric capability gap" in AI. Finding bugs is an O(n) problem at the frontier — you throw more compute at scanning, you find more bugs. Fixing them is an O(n²) social coordination problem — every patch requires human review, architectural judgment, backward compatibility decisions, regression testing, and coordinated deployment across thousands of dependent systems. For business leaders building with AI, the implication is direct: your security posture can no longer assume that undiscovered vulnerabilities are your main risk. The risk is now *known but unpatched* vulnerabilities. The attack surface isn't shrinking — it's being illuminated faster than it's being contracted. Three concrete actions: 1. Shorten your patch cycles now. Microsoft and Palo Alto Networks are already shipping 5x more patches per release cycle. If your organization's patch SLA is 30 days, it needs to be 7. If it's 7, it needs to be 24 hours for criticals. 2. Invest in the boring fundamentals. Anthropic's own recommendation — MFA, hardened configurations, comprehensive logging — isn't new advice. But it hits differently when you realize that thousands of zero-days are being discovered monthly, and most won't have patches available before the 90-day disclosure window opens. 3. Audit your dependency tree ruthlessly. The open-source projects Mythos scanned underpin most enterprise stacks. If you're running unpatched versions of common libraries, you should assume the vulnerability is known to someone — it's just not known to you yet. THE COUNTERPOINT Here's what Anthropic's post carefully avoids saying: they're creating the problem and selling the solution. Mythos Preview isn't public — it's gated behind Project Glasswing partnerships. But Anthropic explicitly acknowledges that "models with similar cybersecurity skills will soon be more broadly available." GPT-5.5 already benchmarks close on ExploitBench. The defensive advantage of Glasswing is temporary by design. More importantly, the 90-day coordinated vulnerability disclosure window was designed for a world where vulnerabilities are rare and discovery is expensive. That model breaks when an AI can enumerate thousands of bugs in a month. The entire CVD framework — which balances disclosure timing between finders and vendors — assumes a trickle, not a firehose. Nobody has proposed a replacement framework that works at this volume. And there's an uncomfortable question Anthropic doesn't address: if Mythos-class capabilities will soon be available to attackers, is the net effect of publishing 10,000 vulnerability locations positive or negative during the window where only 97 are patched? Anthropic's answer is clearly "the knowledge helps defenders," but right now the ratio of discovered-to-patched vulnerabilities suggests defenders can't act on the knowledge fast enough. THE BOTTOM LINE AI has fundamentally broken the economics of vulnerability discovery. Finding bugs used to be the hard part; fixing them was routine. Now finding is cheap and fixing is the bottleneck. Every organization's security strategy needs to invert: stop optimizing for threat detection (the AI has that covered) and start optimizing for patch velocity and blast-radius reduction (the part humans still own). The companies that survive the next 18 months won't be the ones with the best threat intel — they'll be the ones with the fastest remediation cycles. #ProjectGlasswing #AICybersecurity #VulnerabilityManagement

  • FutureGenNews
    FutureGenNews (@FutureGenNews) reported

    Anthropic just dropped the first Project Glasswing update, and the numbers are wild. Claude Mythos reportedly found 10,000+ critical vulnerabilities in a single month. Cloudflare: 2,000 bugs, including 400 high/critical severity. Mozilla: 271 vulnerabilities in Firefox 150 — 10x more than were found in Firefox 148. UK AI Security Institute: first model to solve both cyber attack simulations end to end. One partner bank: stopped a fraudulent $1.5M wire transfer in real time. wolfSSL: found a certificate-forging issue in a crypto library used by billions of devices. Across 1,000+ open-source projects, Mythos had a 90.6% true positive rate after human review. The crazy part? Maintainers are reportedly asking Anthropic to slow down because they can’t patch fast enough. Cybersecurity may have just hit a new phase. The bottleneck is no longer finding bugs. It’s fixing them.

  • FtsyParliament
    Fantasy Parliament (@FtsyParliament) reported

    @rockerroblox1 Sorry about this, can you try usually 4g or a VPN at the moment? Having some ISP issues which I’m hoping will be mostly/entirely fixed by migrating to Cloudflare which I did about 7 hours ago!

  • asayeed95
    A Sayeed (@asayeed95) reported

    Cloudflare Workers: zero cold starts, runs at the edge globally. For a voice API, cold starts are fatal. A 500ms init on first request breaks the caller experience. Workers never have that problem.

  • FemiSuccess7
    FILM DB | ۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗۗh (@FemiSuccess7) reported

    CLOUDFLARE VECTORIZE DOESN’T EXPORT RAW FLOAT ARRAYS. SO I SET UP A LOCAL PYTORCH BACKGROUND SERVICE RUNNING CLIP. MY 4-CORE SERVER IS CURRENTLY GENERATING 69K VECTOR EMBEDDINGS IN THE BACKGROUND, AND WE MAPPED SEARCH TO A LOCAL PYTHON API ON PORT 7861.

  • 23bugz
    ronan (:3 っ)っ♏︎ (@23bugz) reported

    @Zotlann @spinelessaisha I do have a cloudflare domain at the moment but I feel like it's a little bit counter productive for me to just be routing all my apps back through a big corpo's servers lol, can't argue with how convenient it is though for a noob like me who doesn't know how to secure my ****