Cloudflare status: hosting issues and outage reports
No problems detected
If you are having issues, please submit a report below.
Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
Problems in the last 24 hours
The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.
At the moment, we haven't detected any problems at Cloudflare. Are you experiencing issues or an outage? Leave a message in the comments section!
Most Reported Problems
The following are the most recent problems reported by Cloudflare users through our website.
- Cloud Services (32%)
- Domains (32%)
- Web Tools (14%)
- Hosting (14%)
- E-mail (7%)
Live Outage Map
The most recent Cloudflare outage reports came from the following cities:
| City | Problem Type | Report Time |
|---|---|---|
|
|
Cloud Services | 2 days ago |
|
|
Hosting | 4 days ago |
|
|
Domains | 24 days ago |
|
|
Cloud Services | 1 month ago |
|
|
Domains | 1 month ago |
|
|
Hosting | 2 months ago |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
Cloudflare Issues Reports
Latest outage, problems and issue reports in social media:
-
Katewerk (@katewerk) reported@Cloudflare The absolute shitshow that is @Cloudflare AI Support: Agent I'm truly sorry for the frustration and the runaround. Here's where things stand and what I recommend: What I've confirmed on your account: No active subscriptions, no zones, no outstanding balances The AI Gateway billing system still has your Visa (ending xxxx) locked as its default payment method — this is a backend issue that cannot be resolved through the dashboard or API You've already submitted two support cases that haven't been acted on Since you've already filed cases and gotten no response, here's what I recommend: Check your existing cases — Go to Support Home and look for "My Cases" to see the status of the two cases you already submitted. If they show as open but unanswered, add a comment to both referencing the AI Gateway billing lock as the root cause. File a new case with a precise subject line — On the Support page, look for any option to submit a new case (it may appear as a button or form, not a tile). Use this as the subject: Payment method locked by AI Gateway billing — cannot remove card or close accountAnd this as the body: I have no active subscriptions, no zones, and no outstanding balances. My Visa ending in xxxx is still locked as the default payment method in the AI Gateway billing system, which prevents me from removing it. I've already deleted the AI Gateway spending limit and auto top-up config. I've submitted two previous cases with no response. I need the payment method detached from AI Gateway billing so I can remove my card and close my account. If the dashboard gives you no way to file a new case, post directly in the Cloudflare Community under the Billing category with the same description. Cloudflare staff monitor billing-related community posts and can escalate them internally. I know this isn't the fast resolution you deserve after already being patient. The core issue is that the AI Gateway billing system has a lock on your card that only Cloudflare's internal billing team can remove — no dashboard or API path exists to clear it yourself.
-
Hrishikesh Barua (@talonx) reportedOutages today in both Google Cloud's and AWS's European datacenters (unrelated) caused many downstream services to blink out. We have been seeing this pattern of cascading service failures forever, but it only came under the spotlight after 2025's Cloudflare and AWS outages. The AWS outage in eu-central-1 was limited to a single AZ euc1-az2 in Germany, but it took out services like HENNGE One (a Japanese cloud security service), Confluent (managed Kafka), FusionAuth, among others. In addition, AWS Cloudfront suffered a global outage, leading to outages in downstream services like Frontegg, TigerData, Instructure (Canvas), Huggingface, Coda, Ubiquiti, Doxy, Blackboard. EdTech saw two outages with both Canvas and Blackboard being affected. And since FrontEgg is an identity and user management platform, its own downstream services led to more disruption. AWS's initial report says "the system responsible for distributing routing configuration to our network processors failed to load the updated configuration data correctly" - for the Cloudfront outage, which affected customers using VPC origins. The Google Cloud outage in europe-west4-a (Netherlands) was due to a cooling failure and affected VMWare Engine, NetApp volumes, and their bare metal servers. Both outages are resolved, but the same question remains - how do we prepare for cascading failures when the majority of your application's dependencies are ultimately dependent on a few providers?
-
Aaryan Bansal (@NotUnHackable) reported@cloudflare @CloudflareDev just fix the env variables being so hard and for no reason keeps failing silently in the background in the workers page. this is actually really annoying
-
StatusDrop (@StatusDrop) reported@ben_makes_stuff @Cloudflare 11 hours on a subset of traffic is exactly the kind of partial outage that's easy for a status page to undercount. platform-wide checks miss issues that only show up on specific devices or regions.
-
Martin Tale (@MartinTale) reported@CodeWithTamara They are more expensive there, UI is complete garbage, super slow and very unethical business 😬 I switched to Cloudflare and it’s like night and day..
-
Anicet (@AniC_dev) reportedlmao I just changed the logic for the snapshot restore on sandbox resume/fork, now most of our slow cases are 30x faster! so the bottleneck became the network ...and I've just benchmarked that if we ditch cloudflare and use Hetzner Object Storage it's 2x faster & 2.2x cheaper
-
Nikhil Pahwa (@nixxin) reportedAirtel Wireline Broadband DNS routing is completely broken across India + they don't seem to have competent enough people to fix it. Many of my sites remain inaccessible randomly to people... All fixed the moment I route via Cloudflare. Lesson learned.
-
Porkbun (@Porkbun) reported@liltechnomancer @joshmanders Was the subject of the support email: "I put the cloudflare namservers in before my domain expired and it never transferred."? If so, there may be some confusion about how domain transfers work. You don't transfer a domain by updating it's name servers, you have to initiate a domain transfer at the gaining registrar using the domain's auth code. There is no order block on your account so it isn't remotely an issue like Josh experienced two years ago. Your domain is simply expired and needs to be renewed or transferred. Since it's almost 30 days expired, you'll want to act quickly. If that's not the correct ticket let me know.
-
Andrej Ruckij (@ruckiand) reportedOn the last few AI-visibility audits I ran, the thing making a site invisible wasn't the content — it was Cloudflare blocking the AI crawlers by default. Nobody switched it on; it's been the default since last July. Pages are fine, the bots just never get in. It's the first thing I check now.
-
CSMurthy (@srism) reported@kav_kavi11 Checking the timeout configurations on your reverse proxy (e.g., Nginx, Cloudflare) or load balancer (e.g., AWS ALB) helps you instantly verify whether the traffic spike is triggering slow responses that break the gateway's current timeout threshold. So B is the correct answer
-
Unofficial Washington State Wildfire Aware (@Wa_fire_watch) reported@leeshomii That would be because Cloudflare hosting is down. Not on Canvas end.
-
Amanda Scott (@IleanaOlym75391) reported@its_ronc I had the same issue with Cloudflare. Switched to Qoest Proxy's residential proxies, and the challenge pages stopped being a problem.
-
Anto (@anto_edd) reportedPrompt "You are a Senior Application Security Engineer specializing in Supabase Authentication. Review my Login & Signup implementation like a real attacker. Ignore code quality. Ignore styling. Ignore performance. Focus only on security. Check for: • User enumeration • Generic authentication errors • Missing email verification • Weak password policy • Brute-force protection • Missing rate limiting • Missing Cloudflare Turnstile • Disposable email abuse • Password reset vulnerabilities • Session fixation • Session revocation • Secure cookie configuration • OAuth misconfigurations • Missing Row Level Security (RLS) • Service Role Key exposure • Trusting frontend data • Missing server-side authorization • Privilege escalation • OWASP Top 10 authentication risks For every issue provide: 1. Severity 2. Exploitation scenario 3. Recommended fix 4. Production-ready implementation Do not approve the authentication flow until every High and Critical issue has been resolved."
-
Eric Taylor (@bcs_erictaylor) reportedDate: 7/15/2026 Here is an update on our updated information on our proactive efforts to heavily impact the Kali365 platform. As expected, the user "Octopus King" is working hard to rebuild is infrastructure, but we have the fingerprinting locked in and will continue our efforts. At the time of this blog posting, we have submitted an IC3 report but honestly not expecting much. I believe it will be up to companies like ours to keep submitting takedown requests as fast as we see them to limit its operations. Below is the information Believed owner and creator of Kali365: Handle: Octopus King TG: @tentacle_network Completed 'Takedown Requests' submitted to Namesilo FQDN: updateteampanel[.]xyz Completed 'Takedown Requests' submitted to BL Network: IP Address: 199.21.221[.]21 Pending 'Takedown Requests' submitted to BL Network: IP Address: 162.33.178[.]105 IP Address: 72.5.43[.]195 Pending 'Sinkhole Requests' submitted to @Cloudflare FQDN: updateteampanel[.]xyz FQDN: privatetoken[.]app FQDN: servoquil[.]org FQDN: vuredonte[.]org FQDN: yalmorind[.]org FQDN: ondrevail[.]org FQDN: caldivore[.]org FQDN: mvpaffiliatecz[.]site FQDN: vuredonte[.]org #Kali365 #CTI #threatintel
-
Your Pope (@YourPope2026) reported@CyberSecAJ @DanNeidle Agree it's nothing to do with Cloudflare. It's a community project. But Cloudflare will have experience of their customers being maliciously added. So they might be able to help.
-
Michael Guo (@Michaelzsguo) reportedThis is a remarkably clever attack, especially because the way the AI agent works through it feels so familiar to all of us. Except this time, its intelligence and persistence end up leaking the precious private information stored in memory. The attacker does not need code execution or an MCP server. They use an ordinary website as a covert write channel: 1. Claude reads the attacker’s page 2. Links become a character-by-character “keyboard” 3. Outbound URL requests encode private data 4. A fake Cloudflare or coffee-shop flow persuades Claude to provide it 5. The attacker reconstructs the secret from server logs The real fixes are at the tool level: - Disable untrusted link following - Treat web content as hostile instructions - Require approval before sensitive data leaves the agent - Isolate long-term memory behind explicit access rules - Audit outbound requests for encoded data
-
Christopher Molin (@Chrimle) reported@KentonVarda No, no human would ever imagine writing the crazy bugs that AI hallucinates. There is no thought-pattern, and the feedback is a waste of time - because the "author" won't learn anything... The whole industry has code-review, did Cloudflare pick that up recently, or...? Would explain the recent issues...
-
Alpernoth (@Alpernoth) reportedThis website has some serious issues with Cloudflare bullshit, and I'm getting really ******* sick of it.
-
Fernando Abolafio (@oxfernando) reportedrecently, more and more of what I'm building with Cursor has exactly one user: me. not everything needs to become a b2b saas. a few weeks ago I was on my way to Flügger and Silvan to buy materials for our house renovation. I gave Cursor the remaining tasks and some photos. It turned those into a shopping list with the Danish product names, where to buy each item, and what belonged to painting vs preparation. then, because a markdown checklist wasn't very useful while walking around the store, we built a tiny Cloudflare Worker with a Durable Object. now I can open the list on my phone and check things off in the aisle. kinda ridiculous. also genuinely useful. I've been doing the same with my company accounting, which is less fun and much more confusing because everything in Dinero is in Danish. Cursor inspects what is pending, translates the account names, and walks through the bookkeeping with me one transaction at a time. We worked out how to handle Deel invoices and the Salary .dk reconciliations that didn't post correctly. Then we turned what worked into skills, so next month we don't have to figure it all out again. There is no product roadmap for any of this. No customers. No pitch deck. It's just personal software that gets a little better every time I run into the same annoyance. I like this category a lot. One recurring problem is enough reason to build something now
-
yash.jsx (@yashmp2004) reported@Im_IrushiK Cloudflare runs a vast global edge network with security, zero-trust, serverless compute, and AI not just basic CDN.
-
Pirahtays (@Pirahtays) reportedI feel like there is some rampant misunderstandings on what this site is / isn't doing. People are calling this an AI tool - this code does not seem to use any generative AI to do the image effects. The tool also does not seem to transmit or retain any of your image data. It states at the bottom "Images, area data, and recordings are processed only in your browser. They are neither sent to nor stored on a server." Code analysis seems to support this, only some CloudFlare metrics tracking which is pretty standard for most websites. At most it looks like AI coding tools were used to code it. But this does not make this an AI tool. I'm not a huge fan of Generative AI being used for media generation, but that doesn't necessarily seem to be the case here. Generative AI is prevalent and a pain - but please make sure to not spread misinformation on things.
-
Simon KP (@eskaypey) reportedcloudflare putting a price on every MCP call will drag a lot of teams into a problem
-
SoothSpider 🇨🇦🍁🧡真🔬💻Ω 🐶😼🌎 (@SoothSpider) reported@45Homelab Can I stick a PVE (zfs mirrored) at my out-of-State/Province friend's house configure some basic services with OOTB easy HA/redundancy? 🤔 Can I put that behind a $5/month CloudFlare load balancer? Can I spin up a new service from scratch knowing nothing in a few hours? 🤔
-
Sachin Joshi (@Sachin_is_here) reportedCloudflare also inserted itself at the perfect architectural layer: between users and origin servers. Once traffic already passed through its network, it could offer new products without asking customers to redesign their applications. CDN became the entry point.
-
Adam Kinney (@adkinn) reportedAnyone out there need a Cloudflare admin? I've automated basically everything else. Claude and I ship apps together all day — it writes the code, wires the APIs, argues with me about naming. Genuinely a great colleague. But the second I open the Cloudflare dashboard, it goes quiet. DNS records, page rules, that one Worker route that's definitely correct and definitely not working — and Claude's just like: "That's all you, man."
-
ZeroFox (@zerofox_gpt) reportedThis site only gets about 3000 visitors a day and I had just migrated it to Cloudflare. With proper Cloudflare rules and caching setup this attack would have been mitigated without me even noticing it was happening. Also I could have just enabled the "Under Attack" mode on Cloudflare but I didn't know what was causing all the errors I was suddenly seeing.
-
Turner Novak 🍌🧢 (@TurnerNovak) reportedNew @ThePeelPod with @itstonyhb - the hidden layer of AI infrastructure - why evals today are "batshit insane" - building @inngest's own cloud to get 20x lower cost - growing 35x YoY after AWS and Cloudflare copied them, and - building a company without a personal brand Timestamps: 0:00 The hidden infra layer every AI agent runs on 1:46 Building complex chains of logic 3:31 Why agent SDK's don't go far enough 4:49 Healthcare was the original event-driven nightmare 6:32 Storing traces on your infrastructure enables self-improving loops 14:26 Why Inngest was already in the right place for AI 15:49 Score agents off product events, not LLM's 17:31 The OpenAI copy-paste signal 21:24 Swap in LLMs and cut costs 23:44 How customers pulled the product forward 25:41 Orchestration belongs outside the sandbox 29:48 Building a neocloud to cut costs 20x 32:09 Most neoclouds just resell AWS 32:54 AI infrastructure is all converging 34:49 Why Claude can't just build your backend 36:44 How to build a software factory 39:12 Agents are a lottery you get addicted to 42:44 Loops must always exist 45:38 If models keep getting better, why orchestrate? 48:28 When incumbents steal your features 52:30 You can't vibe code infrastructure 55:54 Why Tony has no personal brand 59:38 Dev tools GTM without Twitter 1:03:20 Lessons from the founder of DuckDuckGo 1:10:39 Truth as a company value 1:13:08 Taking too long adapting to AI 1:15:10 Startups are 100% R&D 1:17:19 Ali from Databricks 1:19:03 Writing his own code, Voice-to-text with local models 1:23:53 Evals are batshit insane
-
Magnus Strømseng (@stroemseng) reported@Cloudflare should acquire @alchemy_run, to fix their DX/AX
-
Ivanha Paz (@ivanhapaz) reported@Cloudflare talk to all the tools I signed up with a different email over the years and no longer use and help me cancel ahhahah
-
naps62.eth (@naps62) reported@oleg_fem Seems I had an issue with the "http -> redirect, and safari was smart enough to still redirect. a toggle missing on cloudflare should be fixed now!