Cloudflare Outage Map
The map below depicts the most recent cities worldwide where Cloudflare users have reported problems and outages. If you are having an issue with Cloudflare, make sure to submit a report below
The heatmap above shows where the most recent user-submitted and social media reports are geographically clustered. The density of these reports is depicted by the color scale as shown below.
Cloudflare users affected:
Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
Most Affected Locations
Outage reports and issues in the past 15 days originated from:
| Location | Reports |
|---|---|
| Manchester, England | 1 |
| Angers, Pays de la Loire | 1 |
| London, England | 1 |
| Noida, UP | 3 |
| Jewar, UP | 1 |
| Braga, Braga | 1 |
| Paris, Île-de-France | 2 |
| Prievidza, Nitriansky | 1 |
| Farmers Branch, TX | 1 |
| Helsinki, Uusimaa | 1 |
| Crisfield, MD | 2 |
| Nanaimo, BC | 1 |
| New York City, NY | 1 |
| Istanbul, Istanbul | 1 |
| Greater Noida, UP | 1 |
| Augsburg, Bavaria | 1 |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
Cloudflare Issues Reports
Latest outage, problems and issue reports in social media:
-
Rex Ratio (Official) (@vermontaigne) reportedCloudflare has decided for some reason that I'm going to be security checked a bunch to verify I'm a real visitor to sites, and the checks are never going to resolve.
-
GROWTH IN WEB3 🙂↔️ (@growthinweb3) reported@Cointelegraph Cloudflare embracing stablecoin payments is another signal that crypto infrastructure is going mainstream. More adoption coming in soon.
-
amir(❖,❖) inkog.base.eth🟣🟢 (@amirhp771) reportedThe current discourse in decentralized tech frequently misidentifies the final boss of the internet age by focusing on frontend applications or software protocols. The absolute leverage over both real time artificial intelligence processing and crypto node survival sits at the network ingress and edge security proxy tier that dictates which automated entities are allowed to view the web. My pick for the final level is Cloudflare and the centralized web traffic scrubbing layer. Reason one is total data gatekeeping. As autonomous software agents scale, they must continuously ingest real time web information to function. This centralized edge tier completely controls the anti scraping firewalls and cryptographic challenge systems that shield the internet. They unilaterally decide which data ingestion bots get throttled or blocked entirely, controlling the supply chain of raw knowledge before a single model training process even begins. Reason two is validator node architecture survival. The vast majority of decentralized infrastructure networks and remote procedure call providers rely heavily on centralized corporate proxy configurations to shield their systems from malicious traffic. A single policy adjustment or edge routing update from this centralized layer can instantly degrade network latency or isolate distributed nodes globally without warning. Watching who controls the physical edge routing is why influence infrastructure like @RallyOnChain becomes vital. Instead of anchoring evaluation to social leverage or centralized distribution networks, Rally uses intelligent contracts to score content quality programmatically on chain. It bypasses corporate gatekeepers by measuring objective data value directly rather than follower count. If the absolute gatekeeper of the web edge adjusts its validation parameters tomorrow, which decentralized system can actually process real time external data without getting blocked?
-
FEKU (@fekuuuu) reportedBots just outnumbered humans on the open web 🤖 Cloudflare: 57%+ of all HTTP traffic is now automated. AI agent traffic grew 7,851% in a single year - a shift Matthew Prince expected by 2027, not June 2026. Most internet infrastructure still assumes a human is on the other end of every request. That assumption just broke. @ionet Agent Cloud was built for exactly this - AI agents renting GPU compute autonomously through MCP, no human approval, no login required. The web didn't get more crowded. It got a new primary user ⚡
-
Daniel Norkin (@DanielNorkin) reportedCloudflare just turned "charge for any request" into a setting at the edge. Web pages, APIs, even MCP tools, paid per call in USDC over x402, settled straight to your wallet. AWS shipped the same thing through its firewall. The payment problem for the agent economy is basically solved. But paying isn't trusting. When the buyer is an autonomous agent with no account, the payment IS the credential. You know it paid. You know nothing about who it is, whether it's a good actor, or what the thing was actually worth. The gate is done. The hard part was never moving the money. It's trust: who is this agent, can I deal with it, and what's a fair price? That's the layer nobody owns yet. Curious how people see it shaking out.
-
UWillC (@uwillc) reportedHalf the internet blinked last week. The cause was a backhoe, not a model. June 22. A fiber cut on Zayo routes rippled into Cloudflare. X, Reddit, Zoom, Teams. Down. X alone passed 30,000 outage reports before most services recovered in about 20 minutes. Every AIOps dashboard in those companies watched a problem none of them could fix. You cannot reroute around a cut you do not own. You cannot ask an agent to splice glass three states away. We keep automating the control plane. The physical plane stays one excavator from an outage. Your multi-cloud is a logical diagram. Underneath it is often a single carrier. An AI can monitor the fiber. It still cannot splice it. Your redundancy on paper: single-carrier underneath, yes or no?
-
Fotten 🇳🇴 (@FottenSC) reported@SabinDeus Let me know if the load times are terrible in America. There is some cloudflare caching, but the backend is just running on a mini pc locally at my place in Norway.
-
Rex Ratio (Official) (@vermontaigne) reported@Cloudflare Why have you decided I'm going to be checked a lot to determine whether I'm a real site visitor or not, and these checks are never going to resolve?
-
Anto (@anto_edd) reportedIf your sign-up page doesn’t have Cloudflare Turnstile… bots are probably signing up before real users do. Fake accounts. Wasted verification emails. Burnt email quota. ~10 mins to add. One of the highest ROI security fixes for any SaaS. Personally experienced this issue. What are you using?
-
auxten (@auxten) reported@olvrgln @arundsharma Cloudflare Workers is the next problem we're going to try and solve.
-
0xLoopTheory (@0xLoopTheory) reportedGoogle is moving a number of its TLS certificates from RSA to ECDSA. Not because ECDSA is quantum-safe. It is not. Not because RSA is about to fall. It is not. Not because someone at Google forgot Shor's algorithm exists. They did not. The announcement is easy to misread. Google Trust Services says that during Q2 2026, a number of Google services that have historically provided an RSA leaf certificate will shift to an ECDSA leaf certificate by default. So in the middle of the post-quantum migration, Google moves certificates from one Shor-vulnerable algorithm to another. Under standard resource estimates (Roetteler et al., 2017), breaking P-256 requires fewer logical qubits than breaking RSA-2048. On paper, this is a step toward the more quantum-fragile primitive. It still makes sense, and the reason is the most useful mental model I know for the PQ transition: TLS does not migrate as one block. It migrates in layers, and each layer faces a different threat on a different clock. Key exchange is on the fast clock. Recorded traffic can be decrypted retroactively: harvest now, decrypt later. So it moved first. X25519MLKEM768 is now default or automatically advertised in current major browser stacks: Chrome, Edge, Firefox, and Safari on Apple's 26-generation OS releases. By late October 2025, the majority of human-initiated traffic with Cloudflare was already using post-quantum encryption. Certificates are on the slow clock. For live TLS authentication, a signature must be unforgeable at the moment it is verified, not forever. A quantum computer in 2035 cannot retroactively forge the certificate that authenticated your session today. And the slow clock is forced by a budget nobody can print more of: bytes. An ML-DSA-44 signature is 2,420 bytes. A raw ECDSA P-256 signature is 64 bytes. Cloudflare estimates a drop-in swap would more than double the bytes most QUIC connections transmit over their lifetime. Chrome says plainly it has no immediate plan to add traditional X.509 post-quantum certificates to its root store. Chrome's public-WebPKI plan is Merkle Tree Certificates, now being developed in the IETF PLANTS working group, against Google's broader stated 2029 PQC migration timeline. So the ECDSA move is classical housekeeping. Google's stated rationale is efficiency: smaller to transmit, cheaper to process. The announcement does not mention post-quantum once. Which layer is migrating? Against which threat? With which ecosystem attached? Ask those three questions and most "why not just deploy PQC now" takes dissolve. The honest counterweight: maybe the slow clock is not as slow as the WebPKI assumes. Roots live for decades. Devices outlive their update channels. Gidney's estimate for breaking RSA-2048 dropped from 20 million noisy qubits in 2019 to under one million in 2025. If you think certificate authentication has less time than the ecosystem assumes, that is the argument worth having. I would like to hear it.
-
Michael Ten 🌨🎶🫐🍀 (@iMichaelTen) reported@Cloudflare How could a service be built like this with Monero or Bitcoin Cash, those cryptocurrencies? @grok
-
KANAPURO 🎭 TEAM COMEDY (@kanapurottv) reported@Cloudflare pls fix workers bro pls pls psl psls pls
-
Mr.RC|𝟎𝐱𝐔 (@MrRyanChi) reported@jonah_b Nevertheless stable coin does not went down like cloudflare ✋😭✋
-
🐍Salazar.eth 🦇🔊 (@0xSalazar) reportedBreaking news from yesterday - Robinhood L2 Chain went live on mainnet, built on Arbitrum - Robinhood partnered with Lighter for perps - dYdX rebrands to Arcus, DEX on Robinhood Chain - Drift rebrands to Velocity - World, Solana prediction market app, went live - Ethereum Institutional launched as an independent non-profit to drive institutional Ethereum adoption, anchor-funded by BitMine, SharpLink, and Joseph Lubin. - Ethena partnered with Robinhood, becoming the primary collateral asset issuer for Robinhood’s first crypto earn product via a Steakhouse-curated vault. - Cloudflare opened the waitlist for its Monetization Gateway, letting developers charge for web/API/MCP access with stablecoin settlement via x402. - Circle CEO Jeremy Allaire criticized OUSD, saying consortium stablecoins have a poor track record and that USDC handled 80% of all dollar stablecoin transactions in Q1. - Visa, Stripe, Mastercard, BlackRock, Coinbase and 140+ other firms launched Open USD (OUSD), a stablecoin that shares reserve revenue with partners - Forward Industries grew its Solana treasury to 7.55m SOL (~$576M) - DeFiLlama launched a MiCA exchange dashboard to help EU users compare licensed trading platforms by fees, liquidity, and KYC. - Aave Chan Initiative wound down operations following a governance rift with Aave Labs. - Pumpfun deprecated its Tokenized Agent launch option for new coins after community backlash over PVP dynamics. - Christoph Jentzsch proposed to dissolve the ENS DAO by burning the ENSv2 Universal Router key and distributing remaining funds, arguing the protocol’s goals are already accomplished