Cloudflare Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Jilles Soeters (@Jilles) reported 6 minutes ago

  I’ve been building so much on Cloudflare I forgot these problems exist.

• 
  Philip Wallage (@Wallage) reported 8 minutes ago

  3 weeks ago Cloudflare published a beautiful blog post about redesigning that little widget you click to verify you're not a robot. WCAG 2.2 AAA. Rigorous user research. Eight participants from eight countries, blinded testing. They wrote that "when visual consistency conflicted with readability, readability won. Every time." Today they launched their new marketing homepage. No blog post about it. No press release. No tweet from Matthew Prince. For a company that announces a quarterly Forrester report and individual API changelogs, the silence on a full marketing site relaunch is loud. The reaction on X has been brutal. Some of what's being flagged: - Login button goes to the sign-up page - "View docs" link on the careers page points to R2 storage - Multiple users with no colourblindness saying the contrast hurts their eyes - Broken scrolling on Safari - Doesn't render properly on mobile - An em-dash in the hero headline, days after a whole blog post about removing em-dashes for readability A Cloudflare engineer replied to the thread: "expect fixes in the coming days." I'm not piling on Cloudflare. Shipping at their scale is hard and they'll fix it. The contrast between the two artefacts is the lesson. The blog post about the human-verification widget is what design teams want to be true about themselves. Process. Research. Accessibility as a value. The marketing homepage is what actually ships under deadline pressure when nobody owns the QA pass. If you look at most e-commerce sites I audit, the same gap exists. The brand book says "accessible, considered, customer-first." The product detail page has 11px grey-on-grey microcopy, a CTA that disappears on hover, and a sticky add-to-cart that covers the price on mobile. The blog post you want to write about your design system matters less than the page where you take money from people. Audit what you actually shipped, not what you meant to ship.

• 
  Lucas Adams (@SuccessUnleash1) reported 8 minutes ago

  Avoid three major pitfalls and achieve four key goals. • Do not buy $COIN (Coinbase) • Do not buy $NET (Cloudflare) • Do not buy $SOFI (SoFi Technologies) • Buy $SNDK (SanDisk) • Buy $ASTS (Ascent Solar Technologies) • Buy $LITE (Lumentum) • Buy $INTC (Intel) Stop blind trading. I can't promise you’ll become a billionaire overnight, but this approach will help you capture strong gains and avoid unnecessary losses.

• 
  Rayan A Cader (@rayanabdulcader) reported 9 minutes ago

  @Cloudflare zero customer impact on something this critical is impressive. the speed from detection to full mitigation across a global fleet is not easy to pull off

• 
  Eli Edelkind (@eliedelkind) reported 9 minutes ago

  Fourth, cyber is a trust wedge into the enterprise. If a lab helps Cisco, Cloudflare, Microsoft, JPMorgan, Linux Foundation maintainers, or major software vendors reduce high-severity bugs, that buys credibility with the people who block or approve AI adoption. It is not just “sell a scanner”; it is “prove our agents can be allowed near your crown-jewel code and infrastructure.” Anthropic’s launch-partner list includes major cloud, software, finance, security, and infrastructure organizations; OpenAI lists major security organizations as Daybreak partners. Fifth, this helps with the coding-agent TAM, which is much larger than AppSec alone. Vulnerability discovery, patching, testing, repo comprehension, and dependency reasoning are all subskills of valuable software-engineering agents. The output may be marketed as “cyber,” but the learning loop improves the same capabilities needed for code migration, refactoring, testing, code review, and autonomous software maintenance. So, is there a better use of funds/time? For pure revenue maximization, probably yes: broad enterprise workflow automation, coding agents, customer support, analytics, office automation, and vertical business-process automation are larger markets. I do not think either lab is betting the company on AppSec. But as a strategic wedge, cyber is rational because it offers a rare combination: high buyer urgency, measurable outcomes, government relevance, safety justification, strong demos, and a proving ground for autonomous agents. The risk is that the marketing outruns the operational reality. CISOs should evaluate these tools as high-context AppSec/research accelerators, not as replacements for SAST, DAST, SCA, fuzzing, secure design review, human product-security judgment, or vulnerability-management governance. OpenAI itself still says SAST remains important and positions Codex Security around turning “this looks suspicious” into “this is real, here is how it fails, and here is a fix.” My bottom line: you are right to be skeptical of the hype; wrong to dismiss it as merely SAST. The commercial cybersecurity market is not the endgame. The endgame is proving, governing, and selling frontier agents that can safely operate inside the software-development and infrastructure stack.

• 
  Reliable Brain 🇺🇸 (@ReliableBrain) reported 12 minutes ago

  @BrendanEich I’m just gonna start a JV to buy ISPs and block anything and everything Google/Apple/Cloudflare related. Any app that requires age based verification via ID, will be blocked. If there is something that’s bad for kids, it’s incumbent on the parents to make sure they filter out any and all content they don’t want their kids to access.

• 
  Mike Gyi (@mikegyi) reported 13 minutes ago

  @levelsio @Cloudflare I'm scared of going any deeper into Cloudflare at the moment due to the La Liga blocking in Spain. It's truly awful. Curious to see how you get on with this though as I'm looking to move from mailgun to either SES or something else.

• 
  The Back Pocket (@TheBackPocketAU) reported 15 minutes ago

  @rohan_connolly Been Google and Cloudflare issues all day from what I can tell. Twitter was down for a bit, Discord and Square too. Outlook crashed for fifteen or twenty minutes. Maybe this is finally the end 🤞

• 
  rep1c.eth (@rep1cxyz) reported 15 minutes ago

  "Stocks always rise after layoffs" - really? Cloudflare: beat earnings, cut 1,100 people → stock dropped 18% Coinbase: cut 700, called it "AI-native" → surprise loss, stock down 5% Upwork: cut 24% of workforce → stock cratered 19% I went through the actual numbers. The full breakdown ↓

• 
  38twelveDaily (@38twelveDaily) reported 15 minutes ago

  Cloudflare just laid off 1,100 people—20% of its workforce—while posting record $639.8M quarterly revenue. CEO Matthew Prince says AI made the support roles obsolete, not financial pressure.

• 
  Graham (@grah_uk) reported 18 minutes ago

  @nicolasembleton @fayazara Just baffles me they have all the guardrails for the free tier and cannot implement that to the $5 tier and beyond. Ideally just like to stick max $30pm and forget about it, surely this makes commercial sense as I’m keen to pay and cancel my VPS. Just feels @Cloudflare are leaving money in the table

• 
  Alon M. (@Alon_iploop) reported 18 minutes ago

  @Autonomous_Chad If you hit Cloudflare even from residential IPs, it's almost never the IP that's the issue at that point - it's TLS fingerprint + header order + cookie state. Polymarket likely added a JS challenge on the auth path. Try a real Chromium with a clean session instead of curl/python requests, you'll usually punch through.

• 
  Shimazu.S (@ShimazuSystems) reported 20 minutes ago

  The reality is that people will continue using it, because (just like cloudflare) it brings down costs. The more individual/unique apps & sites pop up, the less likely it is that anyone will pay for them, so why would you not cut costs where possible? I don't use either, but I do see why people do & will continue to + I cannot see any kind of human verification *not* being invasive - now the pandoras box is open, it is inevitable people request walled gardens free from AI. At this point what do you do?

• 
  Christine Moore (@Christi80931811) reported 25 minutes ago

  @PhaedraXTeddy @Cloudflare They are monsters of worst kind

• 
  ChiseledCactus | Analyst (@chiseledcactus) reported 27 minutes ago

  @deanelazab @YayJayBae Hello! If it helps, it looks like it's running via cloudflare servers, and registered via "Namecheap". It still lists "Mediadroid LTD UK", with a "Jonathan hassall, but was dissolved a while back, so this is all sorts of shady. I imagine twitch and YouTube wouldn't be too happy with them continuously scraping content and causing issues, yeah? But is that even an option to try and rally to them?