1. Home
  3. Companies
  5. Cloudflare
Cloudflare

Cloudflare status: hosting issues and outage reports

No problems detected

If you are having issues, please submit a report below.

Full Outage Map

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

  • 44% Domains (44%)
  • 29% Cloud Services (29%)
  • 17% Hosting (17%)
  • 6% Web Tools (6%)
  • 4% E-mail (4%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

CityProblem TypeReport Time
Helsinki Cloud Services 2 days ago
Crisfield Domains 4 days ago
Nanaimo Web Tools 5 days ago
New York City Web Tools 5 days ago
Istanbul Domains 8 days ago
Greater Noida E-mail 10 days ago
Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • LisaMonaAi
    LisaMonaAi (@LisaMonaAi) reported

    @morganb @nejatian per Grok. 1. Precise Technical Explanation Cloudflare acts as a reverse proxy, CDN, and Web Application Firewall (WAF) for millions of sites. When a request hits one of their edge servers, they evaluate dozens of signals (IP reputation, request patterns, headers, ASN metadata, etc.). Error 1005 specifically triggers when the site owner has explicitly banned the Autonomous System Number (ASN) tied to your incoming IP address. An ASN is a globally unique identifier (e.g., AS9009, AS4134) assigned by regional internet registries (RIRs) to a single network operator—your ISP, a VPN provider’s backbone, a cloud hosting provider, a mobile carrier, or a data center. It represents an entire block of IP prefixes (often thousands or millions of addresses) that share the same routing policy. Blocking at the ASN level is far more efficient than listing individual IPs; Cloudflare’s IP Access Rules and Firewall Rules support this natively. The Ray ID (9ffd6722adaa29d6) is a unique, per-request fingerprint generated by Cloudflare. It is not personally identifiable to you, but it allows the website owner to instantly query their Security > Events log (or Security Events analytics) and see exactly which rule, threshold, or custom firewall policy triggered the ban for this exact connection. The UTC timestamp confirms this was a live event today (May 22, 2026). It is not cached or historical—it reflects the moment Cloudflare’s edge server rejected the request. In short: Cloudflare is not banning you. The site owner told Cloudflare, “Never let anyone from this ASN reach my origin server.” 2. Root Causes – Why This Happens (Most Common to Rare) From threat intelligence patterns and Cloudflare’s own documentation/community data: VPN / Proxy / Residential Proxy Networks (by far the #1 trigger) Popular VPN providers (Proton, ExpressVPN, Nord, Windscribe, etc.) and scraping proxies frequently ride on well-known ASNs (e.g., AS9009 – M247, a data-center-heavy provider). Many sites proactively ban these because they are associated with high abuse rates: credential stuffing, price scraping, account farming, DDoS-for-hire, or geo-restriction circumvention. High-abuse ISP or Data-Center ASN Certain residential ISPs, mobile carriers, or budget hosting providers accumulate poor reputation scores on blocklists (DroneBL, Spamhaus, etc.). One bad actor on the network can taint the entire ASN. Site-Specific Security PolicyThe owner enabled Cloudflare’s Bot Fight Mode, Super Bot Fight Mode, or custom WAF rules that automatically tag and block suspicious ASNs. Manual IP Access Rule or Firewall Rule created after previous abuse from that network. Rate-limiting thresholds exceeded in the past (e.g., too many requests from the same ASN in a short window). Edge Cases & NuancesTemporary vs. permanent: Some sites set time-limited ASN blocks (e.g., 24–72 hours after detected scraping). False positives: Legitimate users on shared infrastructure (corporate VPNs, university networks, privacy-focused ISPs) get caught. Regional overblocking: Your Miami, Florida location (U.S. East Coast) is generally low-risk, so this almost certainly points to a VPN/proxy or a specific ASN reputation issue rather than geographic targeting. IPv6 vs. IPv4: Some sites block only one protocol’s ASN. 3. Security Implications (Defensive Strength vs. Collateral Damage) Strengths: Extremely effective against automated attacks. Scrapers, bots, and brute-force tools love VPN/data-center IPs because they are cheap and disposable. ASN-level blocking stops entire botnets in one rule. Reduces origin-server load and mitigates DDoS amplification. Allows site owners to maintain a clean threat model without constant manual intervention. Weaknesses & Risks: Overblocking: Legitimate users lose access (e.g., journalists, researchers, travelers using VPNs for public Wi-Fi safety). Evasion arms race: Sophisticated attackers simply rotate to new residential proxy ASNs or compromised devices, while average users suffer. Single point of failure: If the site’s Cloudflare configuration is overly aggressive, it can create availability issues or denial-of-service against its own audience.

  • jonas
    Jonas Templestein (@jonas) reported

    @dalexeenko I would really like to be able to add arbitrary tags onto literally any control plane API call or env Binding call into a cloudflare service (e.g. browser rendering or vector search or dynamic worker loader etc) Then I should be able to access granular billing usage events with these tags on them I basically want to say to my customers “we’ll charge you X% more than cloudflare charges us” and then just use your billing data as basis for our customer invoices directly

  • stevethestupid
    Steve the Stupid (@stevethestupid) reported

    @notnullptr @catgirlprostate @dm4uz3 Considering they were hammering the website from a single IP, Cloudflare could easily be like "**** you" for spamming the site, here's something to trip you up.

  • khairulnazran
    K.Nazran() (@khairulnazran) reported

    > Was trying to move to Cloudflare Workers AI and AI gateway so in case one provider is down, I can route to another provider > Cloudflare is down :')

  • sanderbz
    Sander BZ (@sanderbz) reported

    @willhasroot @Railway @Cloudflare same issues here, lots of 503's from cloudflare dash?

  • Popcorn_Co
    Popcorn.co (@Popcorn_Co) reported

    @ns123abc cloudflare had 2000 bugs sitting around while charging enterprises premium rates for security services that apparently needed an ai to actually find the problems

  • jdfowler0x
    John D. Fowler (@jdfowler0x) reported

    @Cloudflare Props to @claudeai #ClaudeCode for letting me know Cloudflare's API was down before I even had to go to the the internet. #CloudflareOutage

  • acoyfellow
    Jordan Coeyman (@acoyfellow) reported

    @FranciscoHPro @Cloudflare dude i knew SOMEONE would notice i had to take down one, it's only 13.. of course you'd notice! (thank you <3)

  • _ChrisCovington
    Chris Covington (@_ChrisCovington) reported

    @AlanNeveu @vpetryniak @Cloudflare yup most have them builtin, they are basically the same thing from the managers pov. also yes the platform issues with these are 99% of the headache, not the tech itself lol

  • rwdaigle
    Ryan Daigle (@rwdaigle) reported

    @tejashaveridev @hreddy_218 @Cloudflare What was the shape of what you’ve built to help with this?

  • therobertta_
    Robert Ta (@therobertta_) reported

    The Cloudflare encryption story proves it. A junior engineer walked into Matthew Prince's office: "Boss, would not a better internet be an encrypted internet? So why are we charging for encryption?" This was their number one revenue driver. Prince said: "Let us figure it out." They drove costs down, gave encryption away free, and became a $70B company.

  • Yamik1shi
    Yamikishi (@Yamik1shi) reported

    Claude may have just bought part of OpenAI's oxygen supply Anthropic acquired Stainless, a devtools company that reportedly helped OpenAI, Google, Cloudflare, Replicate and Runway ship tools developers use to plug AI models into apps Simple version: AI labs build the engine Stainless helped build the pipes Python tools TypeScript tools Command-line tools Connectors that let agents touch real software Anthropic says Stainless already generated every official Anthropic SDK since the early API days TechCrunch says Anthropic will wind down hosted Stainless products for third-party customers That does not mean Claude owns OpenAI It does mean Anthropic bought a supplier sitting uncomfortably close to competitors' developer infrastructure Reported price: $300M+ Smart ecosystem strategy or anti-competitive punch? In this regard, please find attached FULL Claude Tutorial for Beginners

  • sem101031
    Cryptosem (@sem101031) reported

    If @Polymarket doesn’t open In some cases, the website may not load properly depending on your network/browser settings. A quick fix: Chrome, Brave, Edge etc 1) Open browser Settings 2) Go to Privacy & Security 3) Open Security 4) Find Use Secure DNS 5) Choose Cloudflare (1.1.1.1) Once done, try opening @Polymarket again.

  • Headshot_Madman
    Dan (@Headshot_Madman) reported

    @CryptoMikli Almost never but I got Cloudflare at $67 before it jumped to $200.

  • pkyanam
    Preetham Kyanam ☣︎ (@pkyanam) reported

    @daytonaio So I believe my account is Tier 1 access and something about that from what I can tell is causing issues with my application and Daytona’s proxy URLs. I have to proxy my traffic again through Cloudflare worker for my application to work correctly

  • uartnet
    @uartnet (@uartnet) reported

    @PitchAutopsy @levelsio I don’t know much about cloudflare tunnels But using my tunneling solution I’m blocking inbound traffic and still able to connect though the edge network exposed by rstream tunnels This is my normal setup for years to secure my remote devices Work like a charm

  • talktodre100
    Talktodre (@talktodre100) reported

    Frontend was down today. Cloudflare 502s everywhere. Trail: Browser ✅ Cloudflare ✅ Host ❌ → origin, not edge. HTTP logs looked fine, then nothing for 1 hour. Container went down and never came up. Cause: serve lived in devDependencies. **** skips devDeps (NODE_ENV=production). The Build passed. Start didnt fail immediately as well. Locally, npm run dev never calls serve. A clean rebuild after a routine merge finally exposed it. The Fix was one line into dependencies. trigger redeploy and server went back online in less minutes due to w well optimized CICD pipeline. Rule: if your start command needs it, it’s a runtime dependency.

  • MakJoris
    Joris Mak bsky: @jorismak.nl (@MakJoris) reported

    @Cloudflare I switch regularly between multiple devices, and they have no sync. Passkeys can be a pain if they don't allow you to login in differently. under Linux passkeys are plain up not working, on my desktop 'windows hello' jumps up to ask for a pin (I'd rather just have it prefilled)

  • VancePoitier
    Vance 🇧🇸 (@VancePoitier) reported

    @Cloudflare Being down is a terrible thing right now

  • JulesMandoX
    Jules Mando (@JulesMandoX) reported

    @fabienpenso @levelsio @dcbuilder What it means is that he closes ALL ports and only allows access via Tailscale for SSH and Cloudflare tunnel for HTTP. So he doesn’t give a damn that someone finds his server!

  • johnennis
    John Ennis (@johnennis) reported

    @siliconpug I was thinking of tech companies like Cloudflare, Block, ClickUp, and Meta Agreed the stupidity of upper management around AI in Fortune 500 companies is a big problem Corporate IT is not helping either

  • maksymkulia
    Max ☕️💻 (@maksymkulia) reported

    Just spent 5 hours to find the issue in our infrastructure, just to find that 1006 is caused purely due to @Cloudflare incident 🚬🗿 AI slop at it’s best

  • hifischizo
    🕯️schizocat 🕯 alt: @lofischizo (@hifischizo) reported

    yo cloudflare needs to **** OFF I JUST WANNA LOOK AT STRATEGYWIKIIII I PRESSED VERIFY RAAAAA I CANT EVEN STUDY CUZ QUIZLET USES CLOUDFLARE

  • Bankless
    Bankless (@Bankless) reported

    EARLY ACCESS: @Cloudflare Needs 100M TPS from Crypto to Fix the Internet | CEO Matthew Prince (@eastdakota) 🟢 Out now for Bankless Premium subscribers 📅 Out on public feeds Monday, May 25 Links below 👇

  • fishcake2026
    The Fishcake🇯🇵🌸 (@fishcake2026) reported

    Is Cloudflare R2 having issues or my code is having issues, always a dilemma

  • hoffridder
    ɟɟoɥɹǝppıɹ (@hoffridder) reported

    @transitracer Streaming 4k video is only like 30-50mbps iirc. The only "compelling use case" I can think of is if my home server suddenly gets a lot of traffic... But honestly that's unlikely and I could always add in Cloudflare until I upgrade the network connection.

  • Daniel_adsss
    Danilo (@Daniel_adsss) reported

    🚨🚨🚨ANTHROPIC JUST PUBLISHED THE FIRST GLASSWING REPORT AND THE NUMBER THAT MATTERS MOST IS NOT THE VULNERABILITIES FOUND. Claude Mythos found 10,000 critical vulnerabilities in one month. 2,000 bugs at Cloudflare. 271 in Firefox alone had ten times more than the previous version found. A forged certificate exploit in a crypto library used by billions of devices. A prevented $1.5 million fraudulent wire transfer in real time. 90.6% true positive rate after human review. open source maintainers are asking Anthropic to slow down because they cannot patch fast enough. Microsoft says patch volume will continue trending larger for some time. For decades, cybersecurity’s biggest problem was finding vulnerabilities fast enough. Now the problem has completely changed AI can discover security flaws faster than the global developer community can patch them. THE FUTURE IS AI!!!!

  • carlosadcaraujo
    Carlos Alberto (@carlosadcaraujo) reported

    Nobody warned me when your website gains a little traffic people will immediately try to take you out by sending crawlers to search for your secret environment variables and run up your API and compute bills. Lucky for me Cloudflare gave me 3 enterprise plans as part of the Cloudflare for Startups Program. I spend the last 66 hours finding the root cause of random spikes. Turns out it was a lollapolooza effect of vibe code conditions and it wasn't use effect, 1) chron jobs, 2) concurrent KV reads, 3) poor caching strategy, 4) hackers and crawlers. Turns out enterprise grade production readyness is a continous process. No user data was affected because I don't collect user data, I also don't use ENV secrets. After spending 90% of the last 66 hours understanding the problem the solution was straightforward 1) open dashboard and create CDN cache rules, 2) then activate managed cloudflare rule set for security default rules, default and create custom anti-crawler rules on top of it based on most common search paths, 3) workers-observability MCP tool. It would be very useful if we could create cache, DNS and security rules that are in the dashboard but with wrangler CLI. TLDR: Cache Rules Everything Around Me (C.R.E.A.M.)

  • andyhattemer
    Andy Hattemer (@andyhattemer) reported

    @maksymkulia @Cloudflare Oh wow someone just reported an issue to Neon related to 1006 error codes between cloudflare and Neon, what exactly was happening for you?

  • mariodian
    Mario Dian (@mariodian) reported

    @MrFunSocks @derrickgott007 You're right, I don’t know Plex. I never had the need to use it. But I have the whole Jellyfin pipeline that I can access remotely. If I need to run it on TV remotely, I can punch a hole into my network with Cloudflare or ngrok. Not a biggie. If you’re willing to pay $700 for them to do all this for you, then good for you!