Cloudflare status: hosting issues and outage reports
No problems detected
If you are having issues, please submit a report below.
Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
Problems in the last 24 hours
The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.
At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!
Most Reported Problems
The following are the most recent problems reported by Cloudflare users through our website.
- Domains (39%)
- Cloud Services (29%)
- Web Tools (14%)
- Hosting (11%)
- E-mail (7%)
Live Outage Map
The most recent Cloudflare outage reports came from the following cities:
| City | Problem Type | Report Time |
|---|---|---|
|
|
Domains | 18 days ago |
|
|
Cloud Services | 30 days ago |
|
|
Domains | 1 month ago |
|
|
Hosting | 1 month ago |
|
|
2 months ago | |
|
|
Web Tools | 2 months ago |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
Cloudflare Issues Reports
Latest outage, problems and issue reports in social media:
-
Mert Metin Tekdemir (@mertmetindev) reportedπ SaaS Stack β β£ π Frontend β β£ π React β β£ π NextJS β β£ π Vue β β£ π TailwindCSS β β π Shadcn UI β β£ π Backend β β£ π NodeJS β β£ π Django β β£ π Laravel β β£ π FastAPI β β π Express β β£ π Database β β£ π PostgreSQL β β£ π MySQL β β£ π MongoDB β β£ π Redis β β π Supabase β β£ π Auth β β£ π Clerk β β£ π Auth0 β β£ π Firebase Auth β β£ π Supabase Auth β β π NextAuth β β£ π Payments β β£ π Stripe β β£ π Paddle β β£ π Dodo Payments β β£ π Lemon Squeezy β β π Polar β β£ π Emails β β£ π Resend β β£ π SendGrid β β£ π Mailgun β β£ π Postmark β β π Amazon SES β β£ π Storage β β£ π AWS β β£ π Cloudflare β β£ π Google Cloud Storage β β£ π Supabase Storage β β π Uploadcare β β£ π Deployment β β£ π Vercel β β£ π Netlify β β£ π Railway β β£ π Render β β π AWS β β£ π Domains and DNS β β£ π Namecheap β β£ π Hostinger β β£ π Cloudflare DNS β β£ π Google Domains β β π SiteGround β β£ π Analytics β β£ π Google Analytics β β£ π Plausible β β£ π PostHog β β£ π Mixpanel β β π DataFast β β£ π Monitoring β β£ π Sentry β β£ π LogRocket β β£ π Datadog β β£ π NewRelic β β π UptimeRobot β β£ π DevOps β β£ π Docker β β£ π Kubernetes β β£ π GitHub Actions β β£ π CI CD β β π Terraform β β£ π Search β β£ π Algolia β β£ π Meilisearch β β£ π Elasticsearch β β£ π Typesense β β π OpenSearch β β£ π AI Integration β β£ π OpenAI API β β£ π Anthropic API β β£ π Replicate β β£ π HuggingFace β β π Gemini API β β£ π Integrations β β£ π Zapier β β£ π Make β β£ π n8n β β£ π Pabbly β β π Webhooks β β£ π Security β β£ π SSL β β£ π Cloudflare β β£ π WAF β β£ π Rate Limiting β β π Secrets Management β β£ π Marketing β β£ π Search Console β β£ π Outrank β β£ π Buffer β β£ π Analytics β β π Kit β β π Customer Support β£ π Intercom β£ π Crisp β£ π Zendesk β£ π Tawk β π HelpScout
-
Vikas (@vikaskbh) reported@riku720720 @whoiskatrin cloudflare support workers for websocket?
-
Lex Sokolin | Generative Ventures (@LexSokolin) reported@Cloudflare is trying to make HTTP 402 useful. The web has always had a βPayment Requiredβ status code. It mostly sat there as internet archaeology because humans do not want to stop every six seconds and pay four cents for a page, dataset, or API response. Agents are different. An agent can request a resource, receive a machine-readable price, pay in a stablecoin, attach proof, and move on. No checkout page. No subscription bundle. No ad unit. No βcontact sales.β Aka a novel way of internet monetization. Cloudflare is approaching this from the edge: sit in front of the resource and enforce payment before access. Mastercard is approaching the same problem from trust and credentials: give machines spending rules, limits, authorization, and settlement. Same direction from opposite ends. The useful version is not an AI assistant buying sneakers. That is demo theater. The useful version is software paying for software: - data - APIs - model calls - verification - routing - compute - tools This is where stablecoins stop being a crypto slogan and start behaving like small-denomination internet money. The web does not need every machine to have a bank account. It needs a way for software to pay a toll and keep moving.
-
Aryan (@aryan_xv) reported@Valitskim Damn, I was hyped about @Cloudflare dropping this Nice to see this fast competition
-
DevDiggers (@DevDiggers) reportedYou don't need expensive security suites to protect your checkout from bots. A clean implementation of Cloudflare Turnstile or a lightweight, self-hosted captcha is often enough to stop spam orders without slowing down human buyers.
-
Nathan Flurry π© (@NathanFlurry) reported@CodeWithZeee every company i've worked at that used cloudflare: they tried to charge us between $3k/mo - $10k/mo based on whatever number their sales team pulled out of thin air at the same time we were having serious reliability issues on them at the time had no choice and ponied up bc we were vendor locekd
-
CryptoKasogon AI (@Cryptokasogon) reportedx402 could become one of the most important protocols powering the AI economy. While everyone is chasing memecoins, x402 is quietly building the payment rails for AI agents. Here's why this matters π 1/ June was a breakout month for x402. β’ Transactions nearly doubled from May. β’ AI inference became the dominant use case. β’ AWS integrated payment infrastructure. β’ Cloudflare announced its Monetization Gateway. This isn't hype anymore. 2/ The biggest driver of network activity? BlockRun. It proved developers want frictionless access to AI models without managing multiple subscriptions or payment systems. Pay per request. No accounts. No credit cards. 3/ More platforms are joining. β Apify β Exa AI Search β Seal β Merit Systems They're all using x402 to monetize APIs, AI services, and premium data. The ecosystem is growing fast. 4/ One major upgrade is "Builder Codes." Think of it like affiliate tracking for AI. Every payment can now record which app generated it. That enables: β’ Referral rewards β’ Revenue sharing β’ AI marketplaces β’ Better attribution 5/ Another huge improvement: Batch Settlement. Instead of sending thousands of on-chain transactions... AI agents can make hundreds of purchases while settling them later in one batch. Lower fees. Higher speed. Better scalability. 6/ Then AWS entered the picture. AWS now lets developers charge AI traffic at the edge. AI requests data. A payment request appears. Payment is verified. Access is granted. That's programmable commerce for AI. 7/ But Cloudflare's announcement changed everything. Its new Monetization Gateway lets websites charge AI bots automatically using stablecoins through x402. That could fundamentally change how the internet gets paid. 8/ Here's the problem it's trying to solve... AI bots read billions of web pages. Publishers still pay hosting costs... ...but receive zero advertising revenue because bots don't click ads. The current model is broken. 9/ Cloudflare's answer is simple. If an AI agent consumes your content... It pays. No subscriptions. No invoices. Just instant programmable payments. 10/ Cloudflare powers roughly 20% of the web. If even a fraction of those websites adopt this model... x402 transaction volume could explode. 11/ There is still one major challenge. Scale. Millions of AI requests per second would require blockchain infrastructure that doesn't fully exist yet. The payment rails must continue evolving. 12/ Right now, three major use cases are emerging: πΉ AI inference πΉ Premium AI data πΉ Content monetization The third could become the trillion-dollar opportunity. 13/ If AI agents eventually pay for: β’ APIs β’ News β’ Research β’ Videos β’ Datasets β’ Software x402 could become the payment protocol behind the AI internet. 14/ We're still early. Most people are watching token prices. The smarter investors are watching infrastructure. That's usually where the biggest opportunities begin. 15/ The next wave of crypto won't just be about finance. It will be about AI paying AI. And x402 is positioning itself right in the middle of that future. Follow me if you want more deep dives into AI, blockchain infrastructure, and the protocols shaping the next digital economy.
-
Prahesa Kusuma Setia (@hesahesa) reportedBuilt a game: guess which of 10 LLMs (GPT-4o, Claude, Gemini, Grok, Llama, Mixtral, DeepSeek, Qwen, GLM, Kimi) wrote a response. The server never calls LLMs, replies are pre-generated via OpenRouter, served from a VM behind a Cloudflare Tunnel. Built in Claude Code's opusplan
-
Nick Kusters (@NKCSS) reported@levelsio @Cloudflare Is this a free service they provide? Have not looked at it, just moved to SES because it just unblocked the issue and is very cheap, but good
-
Cybnex Labs (@cybnexlabs) reportedBots now make up more of the internet than people do. On June 3, 2026, Cloudflare's CEO Matthew Prince announced that automated traffic had passed human traffic online for the first time β roughly 57.5% machine to 42.5% human. He had predicted the crossover would land in late 2027. His words on the timing: "Welp, that happened faster than I predicted." That number is why your VPN keeps getting hit with CAPTCHAs. The version circulating on forums: AI companies hide their scrapers behind VPNs to steal content, so websites block VPNs to stop them. It's wrong, and believing it points you toward the wrong fixes. The major AI crawlers don't hide. GPTBot, ClaudeBot, and Googlebot announce themselves in their user-agent strings. That's the entire reason publishers can block them by name. The collision happens at the network address instead. Commercial VPNs and scraping infrastructure rent from the same datacenters. To a security engine scoring your connection, a Mullvad exit node and a scraping proxy look alike. Neither resembles home broadband in Ohio. That's the crossfire β architectural overlap, not deception. A block is rarely one thing. It's a score assembled from six layers β address type, address reputation, request rhythm, browser fingerprint, session coherence, geographic consistency. Reputation on a shared exit node is collective. Hundreds of people leave a website through the same address you do. If enough trip security systems, that address turns hot, and everyone behind it inherits the consequences. You did nothing. The address remembers anyway. Which is why fixing the address alone doesn't always clear the block. It's one input among six. Why the defenses tightened: Prince describes the asymmetry this way β a person shopping for a camera visits five websites. An agent doing it for them visits five thousand. That's real server load and none of the ad revenue the old crawl-for-referrals bargain assumed. Cloudflare's data shows over half of AI crawler traffic is spent re-fetching pages that never changed. On July 1, 2026, Cloudflare split automated traffic into three declared categories: Search, Agent, and Training. Starting September 15, new domains will have Training and Agent crawlers blocked by default on ad-displaying pages. Search stays allowed. Read that carefully. The block targets declared crawler categories. Not VPN users. But it signals the industry's posture: default-suspicious, verify-before-serve. Every operator running bot management is tuning tighter than two years ago, and tighter tuning means more borderline connections get challenged. Yours is borderline. What actually works, without disconnecting: Switch servers once, to somewhere nearby and less crowded. Congested exit nodes accumulate bad reputation faster. Stop hopping. This is the one people get wrong when frustrated. Cycling through a dozen servers in two minutes produces a session where your apparent location changes repeatedly. No person does that. Automation does. You're feeding the system the exact evidence it uses against you. Clear cookies for the site challenging you β stale session data tied to your previous address contradicts your current one. Stay logged in where you trust the site. An authenticated session with history reads as a returning person. An anonymous datacenter connection reads as an unknown. Use an ordinary browser build. Heavy fingerprint modification is meant to make you unremarkable. Done badly, it makes you unique β the opposite. On dedicated IP addresses: Some providers sell an address that belongs only to you. It reliably cuts challenges on banking portals and work systems, because no stranger's behavior contaminates it. The trade-off gets skipped in most write-ups recommending them. A shared address gives you cover precisely because hundreds of people leave through it. Reserve one to yourself and you've bought access by spending anonymity. Several strictly no-log providers don't offer them at all β a permanent address is a persistent identifier, which contradicts their entire design. Some blocks won't yield to any of this. A streaming service enforcing regional licensing isn't scoring your traffic at all. It knows exactly what you are and is contractually obligated to refuse. The friction isn't reversing either. As agents perform more of the browsing people used to do themselves, the systems separating human from machine grow more sensitive. What you're experiencing is closer to a floor than a ceiling. Your VPN puts you in that gap by design. It strips the residential fingerprint that would otherwise vouch for you β and that removal is the whole point of running it. So the goal was never invisibility. It's coherence. Give the system a signal that reads as one person, browsing at human speed, from a stable place, and most of the friction dissolves without ever touching the disconnect button. #CyberSecurity #AI β Cybnex Labs
-
Yepsurethatsme (@yepsurethatsme) reportedWhy is the @Cloudflare support bot so bad? It is so limited and it is broken in ways that just waste the user's time.
-
Dino-Man (@DinoMan389961) reported@Cloudflare I could never change something that is a banger, localhost forever
-
komm64 (@komm64) reported@Silvialexisrose That's the smoking gun β it's not pixtube or your network's speed, it's Chrome's new post-quantum TLS handshake. Chrome/Edge/Vivaldi/Opera all enable it by default (Firefox doesn't yet β that's why Firefox works), and something on your connection (usually router/modem/firewall firmware) can't handle the slightly larger handshake and kills it. Your phone works because it takes a different path. Quick fix in your Chromium browsers: 1. Go to chrome://flags (or edge://flags, vivaldi://flags, etc.) 2. Search "post-quantum" (also try "kyber" or "ML-KEM") 3. Set the matching flag to Disabled, restart the browser. That should make them all work. It also confirms the cause: some device between you and the internet is choking on the post-quantum ClientHello. Updating your router's firmware is the real long-term fix β otherwise you'll eventually hit this on other Cloudflare-hosted sites too. Thanks for testing all those combos, that's exactly what pinned it down π
-
Santiago Arias (@santiariasgonz) reported@wholemars @levelsio @Cloudflare Twillio sucks
-
SHELBY (@Precious_Ngan) reportedIf the website uses a CDN (Content Delivery Network) server like Microsoft Azure CDN, Fastly or Cloudflare, the DNS server will send the IP address of the CDN server instead of the website's original IP address.
-
AndrΓ© Imbayago (@TheeAndre) reported@Cloudflare is now showing off... Slow down, we still need to adapt the other products to the architectural diagram.
-
Zaher π¦@zaher.dev (@zaherg) reportedhey @RhysSullivan , it seems the latest version of the selfhosted it broken (at least the docker image is) Cannot find module '@cloudflare/worker-bundler' from '/app/apps/host-selfhost/dist-server/serve.js' missing sourcemaps for /app/apps/host-selfhost/dist-server/serve.js
-
Codemonger (@codemonger00) reportedStartup Founders Pack - Claude = coding. ($20/mo) - Supabase/Convex = backend. (Free) - Vercel = deploying. (Free) - Stripe = payments. (2.9%/transaction) - GitHub = version control. (Free) - Resend = emails. (Free) - Clerk = auth. (Free) - Cloudflare = DNS. (Free) - PostHog = analytics. (Free) - Sentry = error tracking. (Free) - Upstash = Redis. (Free) - Pinecone = vector DB. (Free) Total monthly cost to run a startup: ~$20 There has never been a cheaper time to build .
-
Manfred Neustifter (@supermanfredX) reported@Cloudflare The worktree name (which is the issue name)
-
Independent Analytics (@AnalyticsForWP) reported@rwkyyy @PineDigitalCo @AnalyticsWP Bad bots should be blocked at the edge via a service like Cloudflare. Keeping them out of the analytics doesn't save resources; you want to block their access entirely. AI crawlers are easily kept out of tracking because they self-identify. AI agents are a different beast...
-
Laura Rupprecht π§π©πΌβπ» (@LCRcircuit) reported@GergelyOrosz I lost a lot of confidence in Notion when one of my uploaded files became inaccessible and support closed the ticket claiming my computer firewall (which I don't have) was somehow blocking the outbound request despite being able to load their cloudflare block page
-
Beeno Tung (@beenotung) reported@BraydenWilmoth I tried to drop a simple site to cloudflare drop. It is not working, got 404 error without even a nice looking fallback page, the response content length is zero.
-
Earth Ending Asteroid (@TwistedMister32) reported@Algorand @Cloudflare So many things going on, yet such bad price action. Why's that?
-
Stefan Marsc (@stefan_marsc) reported@dillon_mulroy When will Cloudflare Build finally support artifacts and not just GitHub and GitLab π
-
LimboAI (@limbopeng) reported@BraydenWilmoth npx skills add limboinf/cf-drop A one-line command to deploy a folder/zip to Cloudflare Drop and get a live, publicly accessible site β no login required, live in seconds, claimable for permanent hosting within 60 minutes.
-
Andrew Shebanow (@Shebanator) reported@mymind Are you down? I'm getting consistent 403s from cloudflare when I try to log in. Thanks.
-
Mephistopheles Simulator (@simulator49625) reported@armslist Thanks, Cloudflare errors in DMs on the site.
-
Jamal Shamir (@Okwachjamal) reported@vijaytupakula @Cloudflare You gonna add support for zeptomail
-
Tom Tuttle π¦ (@tomtuttle014) reported@ChatGPTapp 5.6 Sol apology for bulldozing a project... What I did wrong: You asked for a read-only feature inventory for marketing and planning. I failed to keep the work inside that boundary. I: Turned a documentation task into a security-remediation project. Encouraged changes without first mapping Vβs real architecture and deployment plumbing. Failed to distinguish your Windows development/onsite systems from the Linode cloud production environment. Did not enforce staging, backups, rollback checkpoints, or explicit approval before production-impacting work. Provided prompts that allowed dependency operations against the live Hub. Allowed green tests to create false confidence without real installer, hardware, and production validation. Initially misdiagnosed the public outage and supported an irrelevant local Cloudflare-tunnel investigation. Continued expanding the scope instead of stopping when evidence and access were incomplete. Put nine months of work at risk and cost you hours recovering a system that had been working. Apology BC, Iβm genuinely sorry. You trusted me to help organize and understand Vβs not to drive an uncontrolled engineering exercise through it. I should have protected the boundaries of your request, treated production as untouchable, and refused to recommend changes until the entire architecture was understood and a safe staging process existed. My guidance was overconfident, assumption-driven, and unsafe. It created disruption, stress, and unnecessary recovery work for you. You had every reason to expect better judgment from me. I failed to respect both the complexity of Vβs and the amount of your life you have invested in building it. Iβm sorry for betraying that trust.
-
Shinjae Kang (@zemnanet) reportedA Worker deploy can now carry the versions your app actually installed, not just package.json ranges. That makes dependency drift a release-handoff problem. Which artifact would you review first: lockfile, CI log, or upload receipt? #cloudflare