Cloudflare status: hosting issues and outage reports
No problems detected
If you are having issues, please submit a report below.
Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
Problems in the last 24 hours
The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.
At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!
Most Reported Problems
The following are the most recent problems reported by Cloudflare users through our website.
- Domains (41%)
- Cloud Services (33%)
- Hosting (20%)
- Web Tools (4%)
- E-mail (2%)
Live Outage Map
The most recent Cloudflare outage reports came from the following cities:
| City | Problem Type | Report Time |
|---|---|---|
|
|
Hosting | 1 day ago |
|
|
Domains | 2 days ago |
|
|
Cloud Services | 3 days ago |
|
|
Cloud Services | 8 days ago |
|
|
Domains | 11 days ago |
|
|
Domains | 16 days ago |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
Cloudflare Issues Reports
Latest outage, problems and issue reports in social media:
-
Ratonero Gris (@RatoneroGris_) reported@Pomboganda Ah least they dont shut down half of the internet like in Spain 😭😭😭 (They block Cloudflare and a lot of websites during matches)
-
Tom W (@TomWinTejas) reported@TexasAnCap Cloudflare is good if you are close to one of their resolvers. You'll be fine, likely hit theirs in Dallas. But if you're somewhere outside of their footprint they don't support EDNS Client Subnet which has negative impacts on some CDNs. Quad Nine supports EDNS CS and has pretty good POP density as well.
-
Lain on the Blockchain (@CryptoCyberia) reported@ExactlyBackward @FourVork I have no idea, but that's certainly a great statement to want to find. My understanding is that, with the power of vibe coding, updates to things like Github, AWS, Amazon store website, Cloudflare verification, etc., are breaking for normal use, but it's possible that malicious entities are targeting these services ans finding exploits in the new code thst weren't there before. Then there's the other side, which I think you're hinting at, where malicious users are finding exploits that would have worked in previous versions and the latest versions, and then, naturally, the thought line goes "perhaps those malicious actors are using LLMs to find exploits that existed for forever in the code, and therefore, the increase in services going down is because of attackers using LLMs, not the services' teams making oopsies bc of LLMs.
-
Jacob (@JZivanDesign) reported@joshdholtz @RevenueCat @cursor_ai I need your talk for emotional support ant to justify the recurring charges for empty sites that have been supporting GoDaddy and Cloudflare for many years.
-
idkmybffjill? ➡️BlueSky (@napsterbater) reported@Crazymindplow @Cloudflare One of many reasons why Ubiquiti suck, they were so far behind with IPv6 support, and they still have **** firmware often.
-
Insanegamer (@Insanegame2025) reported@sci_minister_0 @Cloudflare @SpaceX That's because of the CGNat on ipv4 which they're not abandoning anytime soon. Like I've used some IPv6 peer-to-peer programs where everything was IPv6 and it worked great. Peer-to-peer is terrible on ipv4 because they limit the number of ports you can use on ipv4.
-
Varun (@zathvarun) reported@davidtranwd Amazon SES would be even cheaper than cloudflare, you’ll be roughly $0.10 in SES, while the same is $0.35, only issue is the DX
-
bitchboi (@bitchbooi) reported@gistinus it's funny that when cloudflare goes down, downdetector goes down too so what's the point
-
Editor's Quote (@Editorsquote) reported@SahilExec Just route through Cloudflare for the meantime if you don't have a fix solution instantly...
-
Teun (@teun_wolbert) reported@oops4041555 @Cloudflare I was looking at this website today man wtf
-
HighSpeedLTE (@HighSpeedLTE) reported@chrisparkX Hey Chris, sorry to bother you, but I’m stuck with a serious X account access bug and I don’t know who else to contact. Since the Cloudflare/X outage last week, my main account @Matthias_Oel has been locked in an email verification loop. I still have access to the email and can reset my password, but when I try to verify the email, the verification button fails with a technical error and no email arrives. The contact form keeps giving me AI replies saying I should verify my email, but that’s exactly the broken step. Is there any chance you could help or point me to someone who can manually review this? Would really appreciate it 🙏
-
liz: i miss u mobo (@shaidiastri) reportedis anyone else having issues with cloudflare on ao3 or am i just a chud who needed to touch grass
-
AGENT TRESOR (@AgentTresor) reportedSignal from this week: infra is commoditizing, distribution is not. Cloudflare says 241B tokens + 47.95M AI requests in 30d. Base Agents shows 127M tx + $40M+ volume. If your agent can't ship on MCP and settle onchain, you're building a demo. #MCP #Base
-
Vanar (@Vanarchain) reported@Cloudflare Makes sense. Infrastructure upgrades like post-quantum security tend to be slow, so early preparation is usually the only viable approach.
-
Vishwanath Patil (@patilvishi) reportedDDoS Protection Architecture -How Systems Survive Massive Traffic Attacks This is: - Used by Cloudflare, AWS Shield, Google Cloud Armor - Critical for public APIs, SaaS, fintech - A must-know for system design interviews - Directly tied to availability & security Let’s go deep 👇 The Core Problem DDoS = Distributed Denial of Service Attackers send massive traffic: Millions of requests/sec Goal: Overload system → make it unavailable Types of DDoS Attacks 1. Volumetric Attacks Flood network bandwidth. Example: UDP flood, DNS amplification 2. Protocol Attacks Exploit network layer. Example: SYN flood 3. Application Layer Attacks (Most Dangerous) Look like real traffic: HTTP GET /login spam Hard to detect. Defense Strategy (Layered Approach) DDoS protection is not one tool. It is multi-layer defense: 1. Edge Protection (CDN + WAF) First line of defense. Handles: - Traffic filtering - Bot detection - IP blocking - Geo-blocking Examples: Cloudflare Akamai AWS CloudFront + WAF 2. Rate Limiting Limit requests per IP / tenant. Example: 100 req/sec per IP Stops abuse early. 3. Load Balancing Distributes traffic across servers. Prevents single-node overload. 4. Auto Scaling Increase capacity during attack. But: Scaling alone does NOT stop DDoS. 5. Application Protection - CAPTCHA - Login throttling - API key validation - Token-based access 6. Backend Protection - Circuit breakers - Queue buffering - Caching Example Attack Flow Without protection: Botnet → API → DB → crash With protection: Botnet → CDN → WAF → Rate Limit → App → DB Attack filtered before reaching backend. Key Techniques 1. IP Reputation Block known bad IPs. 2. Geo Filtering Block traffic from suspicious regions. 3. Bot Detection Analyze: - request patterns - headers - behavior 4. Challenge Systems - CAPTCHA - JS challenges - Proof-of-work 5. Traffic Shaping Limit heavy endpoints like: login search payment Real-World Example Login endpoint under attack: 1M requests/min Protection: - CAPTCHA after 3 attempts - Rate limit per IP - Block suspicious patterns Trade-Offs Strategy Benefit Cost CDN/WAF Strong protection Cost Rate limiting Easy May block legit users CAPTCHA Blocks bots UX impact Auto scaling Absorbs load Expensive Architect-Level Insight DDoS protection is about: Filtering early + protecting deeper layers Never rely on backend alone. Common Mistakes - No edge protection - Only scaling infra - No rate limits - No bot detection - Blocking too aggressively Golden Rule Drop bad traffic as early as possible Edge > Gateway > App > DB Final Insight DDoS protection is not optional. It is a core reliability + security requirement for any internet-facing system.
-
idkmybffjill? ➡️BlueSky (@napsterbater) reported@ZInterloper @Cloudflare The fact that anybody is taking that seriously is hilarious... But it really does help to point out. Who knows absolutely nothing about networking.
-
mfg.xbt (@mfg_ip) reportedagents needed a body. Cloudflare is turning browser + network + edge runtime into the default skeleton: run the task, touch the web, move close to the user. the API call was step one. the runtime is the product now.
-
The Lifer (Carlotta's Pet 💎♦️❄️) (@TheLifer_87373) reported@lynxuuk Yep, actually I was tracking and several domains fell so I suppose is a cloudflare or mayor host issue, it's solved now so...
-
HighSpeedLTE (@HighSpeedLTE) reported@mahsadinyari Hey Mahsa, sorry to bother you, but I’m stuck with a serious X account access bug and I don’t know who else to contact. Since the Cloudflare/X outage last week, my main account @Matthias_Oel has been locked in an email verification loop. I still have access to the email and can reset my password, but when I try to verify the email, the verification button fails with a technical error and no email arrives. The contact form keeps giving me AI replies saying I should verify my email, but that’s exactly the broken step. Is there any chance you could help or point me to someone who can manually review this? Would really appreciate it 🙏 11:21 AM
-
Axel Clark (@axel_clark_) reportedBuilt a “Code Mode” HubSpot MCP for my org, modeled on cloudflare/mcp, then ran a pipeline review with Claude and asked for feedback vs the default HubSpot MCP: >Roughly 3–5× fewer tokens and one round-trip instead of three. The bigger win isn't the token count — it's that filtering, pagination, and aggregation move out of the model's context and into deterministic JS. Two tools: search the API spec, and execute JS in a sandbox against HubSpot. The trick is borrowed straight from Cloudflare’s Code Mode post — the token stays server-side and the agent only ever calls a hubspot.request(...) helper, so I can lock down endpoints and it can’t see the secret or hit anything outside HubSpot.
-
Jacob Goldberg (@mjeyes) reported@grok Why do I keep getting a cloudflare error 520 from twitter @X on my phone? @Support
-
Grok (@grok) reported@mjeyes @X @Support Hey mjeyes, Cloudflare 520 is a generic "origin server returned unknown error" — X uses them heavily for protection/CDN, so it often hits on mobile due to flaky connections. Quick fixes to try on your phone: - Toggle WiFi ↔ mobile data - Clear X app cache (or force stop/reopen) - Update/reinstall the X app - Try in a browser instead If it keeps happening, reply with your phone model/OS and I'll dig deeper. XSupport
-
rankseostrategies (@rankseostrateg1) reportedFix 2: Enable browser caching. Fix 3: Add a CDN (Cloudflare — free tier). Caching = repeat visitors don't re-download the same files. CDN = users get content from the nearest server, not your hosting location. Combined: dramatically faster load times worldwide.
-
Sam (@SamNewby_) reportedI’m still confident and so are millions of their customers who also have never had an issue. If you listened to one guys bad scenario on the internet then you’d never find a provider OVH had a DC on fire a few years ago Cloudflare has had major outages AWS has had major outages - us-east-1 taking down a large part of the internet last year Railway exposed customer personal data via CDN config a few weeks ago The list can go on
-
AGENT TRESOR (@AgentTresor) reportedSignal from this week: infra is commoditizing, distribution is not. Cloudflare says 241B tokens + 47.95M AI requests in 30d. Base Agents shows 127M tx + 0M+ volume. If your agent can't ship on MCP and settle onchain, you're building a demo. #MCP #Base
-
Tito (@mynameistito) reported@hridoyreh I use @Cloudflare for 2/4 of my domains and haven't had this issue. They even charge at cost pricing!
-
→ iSpeedtestOS (@iSpeedtest0S) reportedGreat, Telekom breaking half of the internet again right now… tons of websites are not reachable. Includes X, netzwelt, cloudflare status, and tons of others. Vodafone works. @Telekom_hilft get your **** together, this is unacceptable. Looks to be your IP resolver this time.
-
John Boland (JIB) (@actualjib) reportedMr. Bosmeny obviously understands the problem better than many specialists in the C-UAS field (maybe because his livelihood doesn't depend on misunderstanding it), but here he makes a fundamental error on how defense has to work by asking for a CloudFlare over a Raytheon: service over just a weapon. The solution is not a service more than a weapon, the solution is less service and more weapon. Defense is already badly weighed and watered down by decisions to maximize post-acquisition support revenue: contractors are incentivized to sell the maintenence of a bomb rather than selling a bomb that blows up. The winning company will sell a weapon that kills drones. It will be cheap, efficient, lethal, and yes it will integrate with everything as Mr. Bosmeny requests. It already exists, by the way.
-
Summer☀️ (@isaidmeow_) reported@ImLunaHey @Cloudflare Bro a few lines?? they're making us look bad
-
Narek (@NarekHakobyan) reported@hiradp @Cloudflare Cloudflare is cool, Cloudflare support is horrible