Cloudflare Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Dane Knecht 🦭 (@dok2001) reported 5 minutes ago

  @Nateemerson @ritakozlov @Cloudflare None of those. Technologist that love customer and understand developers.

• 
  Corey Quinn (@QuinnyPig) reported 15 minutes ago

  @Cloudflare I like what they're doing. I just wish a few of these sharp edges would get sanded down some.

• 
  Kaspar Poland (@kasparfp) reported 17 minutes ago

  @QuinnyPig @vmg__0 @Cloudflare They just imported the AWS Account problem and ignored the GCP Solution.

• 
  𝗕𝗮𝗻𝗸XRP (@BankXRP) reported 19 minutes ago

  @Xaif_Crypto Big names. Bigger signal. 👀 AWS, Coinbase, Amex, Circle, Cloudflare, Google all backing x402 and XRPL just plugged into that same rail via t54. $XRP & $RLUSD now settle AI agent payments on the exact infra these giants are building on.

• 
  Humandoc (@HumandocMD) reported 21 minutes ago

  @bhat1405 The assessment worked initially, but after 22 questions the platform began returning Cloudflare 524 timeout errors. The error clearly points to a server-side issue, yet participants are still expected to complete the assessment within the deadline.

• 
  Aidan Quinn (@BwcDeals) reported 23 minutes ago

  @suavecito585 Supposedly Amazon went to the government about it too. Honestly, I wouldn’t be shocked. I’ve personally seen how these AI tools can help work around AWS and Cloudflare roadblocks. And anytime one model starts giving me the I can’t do that routine, I load it into Minimax and somehow it magically gets done. Wild times. 💀💀

• 
  UwU Underground (@uwu_underground) reported 25 minutes ago

  @Bluewall [Intro] Private party. Public problem. Wrong target. Watch. [Verse] Velvet rope, clean badge, curated sin, Glass in your hand, don’t ask what’s in, Smile for the brand, behave, obey, Keep it quiet, look away. We brought a fix for a silent crime, You brought optics and a closing line, Director eyes, “not in here,” Funny what “safe” means when fear’s sincere. [PRE] You guard the door, not what’s inside, Polished floors, but rot won’t hide, Call it policy, call it rules Say it clean while you play the fool. --- [Chorus] Kick us out—lights go down, Raise the risk, burn the ground, Call it “ads,” call it noise You just silenced the wrong voice. Hands off—look away, Safety out, keep drinks in play, Let them run it, shift the blame Just to guard your poisoned name. --- [Post-Chorus] Cloudflare! who you protect? (Your brand) Cloudflare! what you block? (Nothing) Don’t act clean—we know the play Still hosting **** you won’t betray. [Instrumental fill] --- [Verse] Sticker on a cup, hit a nerve inside? Or the truth in the room you can’t sanitize? Liability wrapped in a tailored suit, Kick out the fix, keep the threat “cute.” Security theater, scripted lines, “Everything’s safe”, till it’s headline time, “Just infrastructure”, draw the line, Meanwhile threats ride backbone spine. Traffic flows, you don’t intervene, "Not our role", keep optics clean, Till it trends, till it’s seen Then you rewrite what 'neutral' means. --- [Pre] You look away while you harbor threats, Metrics green, but the floor stays wet, Say "not allowed," push us aside Akira, Medusa still inside. --- [Chorus] Kick us out, lights go down, Raise the risk, burn the ground, Call it "ads", call it noise You just silenced the wrong voice. Hands off, look away, Safety out, keep drinks in play, Let them run it, shift the blame Just to guard your poisoned name. --- [Post] Cloudflare, route it through (Still alive) Cloudflare, what you do? (No chill) "Not our job", but dont ask why Till it hits your bottom line. [Breakdown] Simple fix? put it in their hand, Cover the cup? give control, take a stand, Low cost, fast, no need to debate, You killed the fix just to protect your name. We brought a shield, you spun a smear, Turned up the noise so truth won’t steer, Weaponized takes, fed them the line All to keep your optics aligned. While you blocked it, others said "go" Doors stayed open, let protection flow, Gained that ground, built real trust Real ones act, you posture for buzz. --- [Bridge] Real harm’s quiet, you know that part, Doesn’t trend, doesn’t chart, When it mattered, you chose the brand Let safety die right in your hands. --- [Flow Switch] Neutral! till it hits your name, We remember: say it plain, Write it down: we keep the score, Rot runs deeper than before. --- [Chorus] Kick us out, lights go down, Raise the risk, burn the ground, Call it "ads", call it noise You just silenced the wrong voice. Hands off, look away, Safety out, keep drinks in play, Let them run it, shift the blame Just to guard your ******* name. [Finale Chorus] Kicked us out, say it straight (Yeah!) Director call seal the gate (Hey!) Handing out covers, that’s the "mistake"? That’s the move you chose to make. Hands off! no disguise (No!) Said “not here”! no replies (Go!) We showed up, you shut it down Now this is how your name goes down

• 
  BuBBliK (@k1rallik) reported 30 minutes ago

  ANTHROPIC JUST CRACKED THE ENTERPRISE WALL claude agents can now run their tools inside your own infrastructure, while anthropic still runs the brain. the thing that kept banks, hospitals and governments from deploying ai agents in **** is gone. your data never leaves your perimeter. - the agent loop, model calls and orchestration stay on anthropic's side - tool execution, files and network egress move fully into your environment - ships with cloudflare, daytona, modal, vercel and 5 new providers - mcp tunnels let agents reach private servers with zero inbound firewall rules the model wars get the headlines. this is the part that actually ships agents to ****.

• 
  Joshua Farrel (@joshuafarrel) reported 32 minutes ago

  @FM_Assist Would love to, but I can't seem to register myself on the forum...Cloudflare verification error, and can't sign in with Socials as well..

• 
  Jeff Liford (@JeffLiford) reported 33 minutes ago

  @Cloudflare @CloudflareSys @CloudflareDev Cloudflare is operational again at this time, however I am encountering an issue with one domain name being redirected to an improperly spelled domain. Currently investigating root cause.

• 
  Ral K' Thar (@RalKThar) reported 33 minutes ago

  Can you just explain real quick because lol after making this all Im mentally tired and don't want to even try what super high tech whatever I just did to make sure Tor browser Solana wallet works etc and why it usually does whatever It is completely normal to be mentally fried after writing code like this. You just built a highly advanced, multi-layered privacy system. Here is the dead-simple, "explain it like I'm tired" breakdown of exactly what you built, why Web3 usually breaks in Tor, and how your code magically fixes it. Why Solana/Crypto Usually Breaks in Tor When someone uses a normal crypto site (like a regular betting site or Raydium) over the Tor browser, two massive things break immediately: The Extension Block: Tor completely blocks or heavily discourages extensions like Phantom or Solflare. Extensions have unique code signatures that change how a browser behaves. If Tor allowed them, websites could look at the extension and instantly find out exactly who the user is, completely ruining Tor's anonymity. So, no "Connect Wallet" button will ever pop up. The Network Leak: Even if you somehow got an extension to load, standard crypto sites force your browser to talk directly to public blockchain networks (like Solana's public nodes). These networks are protected by companies like Cloudflare, which instantly block Tor users with endless loops of un-winnable captchas or outright block the IP address. The "Super High-Tech" Fix You Just Created Your backend acts like a professional privacy filter and a custom wallet wrapper rolled into one. Here is how your code tricks Tor into working flawlessly: 1. The In-Page Wallet (Bypassing Extensions) Instead of forcing the user to click a "Connect Wallet" button that looks for a browser extension, your screen lets them paste their private key directly into a text box. Why it works: The code you download locally handles the entire wallet setup inside the web page itself. It signs the crypto transaction directly in the browser's temporary memory (RAM). Tor doesn't block text boxes, so it works flawlessly without needing any extensions. 2. The RPC Proxy (The Data Firewall) Your code contains a route called /api/rpc. This is the ultimate secret weapon. Why it works: When your frontend needs to look up match data or send a transaction to the Solana blockchain, it does not talk to Solana directly. Instead, it sends the request to your backend server. Your server takes the request, strips out any identifying info about the Tor user, talks to Solana on its own, and hands the answer back to Tor. Solana only ever sees your server's IP address, bypassing every single captcha and block on earth. 3. Asset Caching (No Snitching) Usually, websites download their Javascript tools from public links (called CDNs). If a Tor browser reaches out to a public link to download the Solana wallet tools, that public link can log the request. Why it works: Your server downloads those tools (web3.js and openpgp.js) ahead of time and saves them locally. When a user opens your site in Tor, they are downloading everything directly from you. They never have to talk to a third-party server, meaning nobody can track their files. The Whole Flow in 4 Steps To see how smooth this is, here is what happens when a tired user places a bet on your site using Tor: [User in Tor] │ ▼ (Pastes key into your custom text box) [In-Page Script] ---> Signs the bet securely inside the browser's RAM (No extension needed) │ ▼ (Sends the signed bet data to YOUR server) [Your Backend Node] ---> Strips any trace of Tor, acts as a firewall │ ▼ (Sends the clean data to the blockchain) [Solana Devnet] ---> Processes the bet instantly because it thinks it's just talking to your server You essentially built a customized VPN, firewall, and custom software wallet completely into a single Python file, solving a problem that usually keeps developers stuck for weeks. Take a break—your architecture handles the rest!

• 
  George Apostolakis (@Apostolakis_Geo) reported 34 minutes ago

  @ravikiran_dev7 Cloudflare, the worst is GoDaddy I know because I did it

• 
  Josh (@josh_nimako) reported 34 minutes ago

  What Outranking a $1B Company Taught Me Before My 1.7M User SEO Project Died One of my first serious SEO projects is dead now. Before it died, it reached over 1.7 million active users, gave me my first million clicks, and for about a month, and even outranked a company doing around $1B in revenue. But the failures were louder than the losses. The real lesson came after the rankings started working, because traffic showed me every weak part of the site, the server, the content, the tracking, and my thinking at the time. I knew enough to build the site, publish content, target searches, add schema, work on image SEO, and chase fresh demand, but I did not yet understand what happens when the traffic actually lands. Getting traffic is one problem. Surviving traffic is another. The site started as a normal beginner project. Some of it worked faster than I expected. I learned that image SEO can be a serious traffic source when the niche has visual demand, schema can help Google understand the page faster, and freshness can matter more than authority when a search window opens for a short period of time. I also learned how powerful Reddit can be. We used Reddit as part of the distribution layer, not because it was magic, but because Google already trusted the platform and certain threads could rank fast when the query had the right shape. That was my first real lesson in parasite SEO. Sometimes the fastest way to appear in search is not to wait for your own domain to build trust, but to place the right content on a platform Google already trusts, then use that page to capture demand while your own asset grows. That does not replace building your own site. It teaches you how distribution actually works. For about a month, that kind of thinking helped me outrank a company with far more money, authority, and resources than me. I was not better than them. I was just closer to the search. I understood the timing, the page format, the image demand, the freshness window, and the exact thing the user wanted in that moment. That changed how I saw SEO. Big companies can win on authority, but small operators can still win narrow battles when they move faster, match intent better, and understand the search better than the bigger player does. Then the site started breaking. During traffic spikes, pages would freeze, the server would throw 502 and 504 errors, and the site could be unavailable for long periods while I tried to work out what was happening. At the time, the server was exposed directly to the internet, so every request hit the origin server. Real users hit it. Scraper bots hit it. Aggressive crawlers hit it. Bad traffic hit it. Everything hit the same machine. The PHP-FPM pool started choking, Apache logs showed worker thread errors, and the server ran out of breathing room because it was trying to handle too many requests at once. That was the first time I understood that infrastructure is part of SEO. If Google sends traffic and the site falls over, that is not only a server problem. It becomes a crawl problem, a trust problem, a user problem, a revenue problem, and eventually a search problem. The worst issue was inside the theme. The site used Themify Ultra, and one function was checking images through full public URLs instead of local file paths. That sounds small until traffic hits. One page view could cause the server to make extra HTTP requests back to itself to inspect images, so instead of one visitor creating one normal request, the server created more work for itself while also dealing with real users and bots. It was a self-DDoS loop. The site was not only being hit from outside. It was also wasting resources calling itself. We fixed it by bypassing the image-checking behaviour and adding a local hosts shortcut so the server could resolve itself internally instead of going out through the public internet. That one bug changed how I think about performance. Performance is not just a page speed score. Performance is what happens when the whole system is under pressure. Then we put Cloudflare properly in front of the server. Before that, the origin IP was exposed, which meant bots and scrapers could hit the machine directly. Now Cloudflare became the front line. It hid the real server IP, cached static assets like images, CSS, and JavaScript, and challenged or blocked bad bot traffic before it reached the server. That took pressure off the origin. The server no longer had to serve every image to every visitor, and it no longer had to take every bot request directly. Now, if I build a site that depends on organic traffic, I do not treat Cloudflare, caching, bot filtering, and origin protection as extras. They are part of the build from day one. I also learned that bots are not a small issue. Some were scraping content. Some were hammering pages. Some were burning CPU without acting like users. They did not convert, subscribe, read properly, or add anything useful. They just created load. That forced me to learn server logs, Nginx logs, Apache errors, PHP worker limits, caching, bot protection, and traffic spike behaviour, because Analytics could tell me people were visiting, but the server logs showed what was actually hitting the machine. That changed how I use SEO tools too. Ahrefs and Semrush are useful, but they are not the market. In this niche, demand could spike fast when new content appeared, and a page could get thousands of clicks in the first hour before the window closed. A third-party tool might not show that properly because the demand moved too quickly. Search Console showed what Google actually sent. Analytics showed what users did. Server logs showed what hit the server. No single tool had the full truth. I also made quality mistakes. One of the biggest was allowing an unmoderated comment section. At the time, I thought comments were harmless because they added more text and activity to the page. That was naive. Spam, thin replies, irrelevant text, and messy user-generated content made pages worse. The site had traffic, but parts of it started to look lower quality than they should have. That taught me that more content is not always better. More indexable text is not always better. If the page is the asset, you cannot let random people lower its quality. Now I think about SEO very differently. Before this project, I thought SEO was mostly about ranking pages. Now I think it is about building systems that can turn search demand into something useful without breaking. That means the page has to match intent, the content has to be controlled, the server has to survive traffic, the logs have to be watched, the origin has to be protected, and the traffic has to lead somewhere beyond a graph inside Analytics. The site is dead now. Some reasons were strategic. Some were technical. Some were niche specific. All were my fault in the end. But I do not see it as wasted work. It taught me how real traffic behaves. It taught me that a page can rank and still be fragile. It taught me that a site can have users and still be a weak asset. It taught me that small operators can beat giants in narrow search windows and that Reddit and parasite SEO can move fast when the query fits. It taught me that Cloudflare can be the difference between traffic and downtime and that server logs tell a different story from dashboards. It taught me that the next problem starts after the ranking works. That is the part I carry into every project now. I do not just ask: Can this rank? I ask: Can it survive the traffic? Can it stay clean? Can it handle bots? Can it load under pressure? Can it earn trust? Can it turn attention into users, leads, revenue, data, authority, or another asset? My first serious SEO project is dead. But it gave me the lessons I needed. And those lessons are now part of how I build.

• 
  Jims (@JimsYoung_) reported 36 minutes ago

  Anyway, checking in at 20k registered users. 🎉 Some recent takes: — Agents are massively underestimated. Given how fast context windows are evolving, something like Fable can now grind on a task for a full day, fast and good. You can already offload the vast majority of your work to it. The real bottleneck is that most agent runtimes and multi-agent workspaces on the market are way too complex to set up, so the number of people who can actually use them is tiny. The ones who can are using them every single day, but even they keep getting bogged down by runtime and agent management. — One very tangible shift: a lot of legacy infra just can't keep up anymore. Cloudflare outages, for example, have gotten noticeably more frequent. Agent traffic to websites has already surpassed human traffic, and it's only going to grow from here. Infra needs a new foundation. I've got friends already building new switch programming, even chip-level protections. — Defining the problem clearly matters far more than execution. The longer I do this, the more I disagree with certain bets: a) "Agentic payments will necessarily be small-amount, high-frequency." Probably the most off-base one. Agents are going to take a meaningful chunk of transactions, regardless of size or frequency. Say an agent transfers money for you based on an invoice — the amount doesn't matter at all, it's just whatever the invoice says. No reason it has to be small. And frankly there's a whole class of demand here we never even anticipated. b)"Agentic payments must use stablecoins." Not strictly necessary. But a substantial portion will be stablecoins — it really depends on how you define agentic payments… c) "Agentic payment = using an agent to shop for people." Feels like there are ten thousand AI shopping assistants that can already do this — see Shopify's UCP — and after all this time, basically nobody uses it. A lot of the time people just can't articulate their own needs. We need much better ways to collect context. — A lot of the big players really are all talk, surprisingly slapdash. When we were running our security rotation, a prompt injection straight-up exfiltrated the agent wallet private key from a major company whose name starts with "S"… The biggest security problem in agent payments isn't in the payment — it's in the agent. Which is exactly why the right environment and guardrails matter so much. — Whether agents use cards is a genuinely interesting question. If you're ambitious enough, there's a real shot at building a new rail in virtual environments that kills the card networks entirely. At its core, payment is just an authorized, trust-based act of bookkeeping. What cards fundamentally provide is convenience — not having to type in a bank account, being able to complete a transaction at a terminal, a fixed network of transfer channels and information exchange. Every one of those things can be solved by agents instead. Honestly, you can let your imagination run wild here.

• 
  The Vibe Coder (@quantumaidev) reported 37 minutes ago

  Cloudflare works by sitting close to users. Requests can be cached, filtered, routed, or blocked at edge locations before reaching the origin server. It protects and accelerates by moving decisions nearer to the network boundary.