Cloudflare Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Ratonero Gris (@RatoneroGris_) reported 2 minutes ago

  @Pomboganda Ah least they dont shut down half of the internet like in Spain 😭😭😭 (They block Cloudflare and a lot of websites during matches)

• 
  Tom W (@TomWinTejas) reported 4 minutes ago

  @TexasAnCap Cloudflare is good if you are close to one of their resolvers. You'll be fine, likely hit theirs in Dallas. But if you're somewhere outside of their footprint they don't support EDNS Client Subnet which has negative impacts on some CDNs. Quad Nine supports EDNS CS and has pretty good POP density as well.

• 
  Lain on the Blockchain (@CryptoCyberia) reported 4 minutes ago

  @ExactlyBackward @FourVork I have no idea, but that's certainly a great statement to want to find. My understanding is that, with the power of vibe coding, updates to things like Github, AWS, Amazon store website, Cloudflare verification, etc., are breaking for normal use, but it's possible that malicious entities are targeting these services ans finding exploits in the new code thst weren't there before. Then there's the other side, which I think you're hinting at, where malicious users are finding exploits that would have worked in previous versions and the latest versions, and then, naturally, the thought line goes "perhaps those malicious actors are using LLMs to find exploits that existed for forever in the code, and therefore, the increase in services going down is because of attackers using LLMs, not the services' teams making oopsies bc of LLMs.

• 
  Jacob (@JZivanDesign) reported 9 minutes ago

  @joshdholtz @RevenueCat @cursor_ai I need your talk for emotional support ant to justify the recurring charges for empty sites that have been supporting GoDaddy and Cloudflare for many years.

• 
  idkmybffjill? ➡️BlueSky (@napsterbater) reported 10 minutes ago

  @Crazymindplow @Cloudflare One of many reasons why Ubiquiti suck, they were so far behind with IPv6 support, and they still have **** firmware often.

• 
  Insanegamer (@Insanegame2025) reported 14 minutes ago

  @sci_minister_0 @Cloudflare @SpaceX That's because of the CGNat on ipv4 which they're not abandoning anytime soon. Like I've used some IPv6 peer-to-peer programs where everything was IPv6 and it worked great. Peer-to-peer is terrible on ipv4 because they limit the number of ports you can use on ipv4.

• 
  Varun (@zathvarun) reported 14 minutes ago

  @davidtranwd Amazon SES would be even cheaper than cloudflare, you’ll be roughly $0.10 in SES, while the same is $0.35, only issue is the DX

• 
  bitchboi (@bitchbooi) reported 15 minutes ago

  @gistinus it's funny that when cloudflare goes down, downdetector goes down too so what's the point

• 
  Editor's Quote (@Editorsquote) reported 16 minutes ago

  @SahilExec Just route through Cloudflare for the meantime if you don't have a fix solution instantly...

• 
  Teun (@teun_wolbert) reported 19 minutes ago

  @oops4041555 @Cloudflare I was looking at this website today man wtf

• 
  HighSpeedLTE (@HighSpeedLTE) reported 21 minutes ago

  @chrisparkX Hey Chris, sorry to bother you, but I’m stuck with a serious X account access bug and I don’t know who else to contact. Since the Cloudflare/X outage last week, my main account @Matthias_Oel has been locked in an email verification loop. I still have access to the email and can reset my password, but when I try to verify the email, the verification button fails with a technical error and no email arrives. The contact form keeps giving me AI replies saying I should verify my email, but that’s exactly the broken step. Is there any chance you could help or point me to someone who can manually review this? Would really appreciate it 🙏

• 
  liz: i miss u mobo (@shaidiastri) reported 23 minutes ago

  is anyone else having issues with cloudflare on ao3 or am i just a chud who needed to touch grass

• 
  AGENT TRESOR (@AgentTresor) reported 25 minutes ago

  Signal from this week: infra is commoditizing, distribution is not. Cloudflare says 241B tokens + 47.95M AI requests in 30d. Base Agents shows 127M tx + $40M+ volume. If your agent can't ship on MCP and settle onchain, you're building a demo. #MCP #Base

• 
  Vanar (@Vanarchain) reported 25 minutes ago

  @Cloudflare Makes sense. Infrastructure upgrades like post-quantum security tend to be slow, so early preparation is usually the only viable approach.

• 
  Vishwanath Patil (@patilvishi) reported 27 minutes ago

  DDoS Protection Architecture -How Systems Survive Massive Traffic Attacks This is: - Used by Cloudflare, AWS Shield, Google Cloud Armor - Critical for public APIs, SaaS, fintech - A must-know for system design interviews - Directly tied to availability & security Let’s go deep 👇 The Core Problem DDoS = Distributed Denial of Service Attackers send massive traffic: Millions of requests/sec Goal: Overload system → make it unavailable Types of DDoS Attacks 1. Volumetric Attacks Flood network bandwidth. Example: UDP flood, DNS amplification 2. Protocol Attacks Exploit network layer. Example: SYN flood 3. Application Layer Attacks (Most Dangerous) Look like real traffic: HTTP GET /login spam Hard to detect. Defense Strategy (Layered Approach) DDoS protection is not one tool. It is multi-layer defense: 1. Edge Protection (CDN + WAF) First line of defense. Handles: - Traffic filtering - Bot detection - IP blocking - Geo-blocking Examples: Cloudflare Akamai AWS CloudFront + WAF 2. Rate Limiting Limit requests per IP / tenant. Example: 100 req/sec per IP Stops abuse early. 3. Load Balancing Distributes traffic across servers. Prevents single-node overload. 4. Auto Scaling Increase capacity during attack. But: Scaling alone does NOT stop DDoS. 5. Application Protection - CAPTCHA - Login throttling - API key validation - Token-based access 6. Backend Protection - Circuit breakers - Queue buffering - Caching Example Attack Flow Without protection: Botnet → API → DB → crash With protection: Botnet → CDN → WAF → Rate Limit → App → DB Attack filtered before reaching backend. Key Techniques 1. IP Reputation Block known bad IPs. 2. Geo Filtering Block traffic from suspicious regions. 3. Bot Detection Analyze: - request patterns - headers - behavior 4. Challenge Systems - CAPTCHA - JS challenges - Proof-of-work 5. Traffic Shaping Limit heavy endpoints like: login search payment Real-World Example Login endpoint under attack: 1M requests/min Protection: - CAPTCHA after 3 attempts - Rate limit per IP - Block suspicious patterns Trade-Offs Strategy Benefit Cost CDN/WAF Strong protection Cost Rate limiting Easy May block legit users CAPTCHA Blocks bots UX impact Auto scaling Absorbs load Expensive Architect-Level Insight DDoS protection is about: Filtering early + protecting deeper layers Never rely on backend alone. Common Mistakes - No edge protection - Only scaling infra - No rate limits - No bot detection - Blocking too aggressively Golden Rule Drop bad traffic as early as possible Edge > Gateway > App > DB Final Insight DDoS protection is not optional. It is a core reliability + security requirement for any internet-facing system.