Cloudflare

Cloudflare Outage Map

The map below depicts the most recent cities worldwide where Cloudflare users have reported problems and outages. If you are having an issue with Cloudflare, make sure to submit a report below

Loading map, please wait...

The heatmap above shows where the most recent user-submitted and social media reports are geographically clustered. The density of these reports is depicted by the color scale as shown below.

Cloudflare users affected:

Less
More

cloudflare Hero Image

Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

Map Check Current Status

Most Affected Locations

Outage reports and issues in the past 15 days originated from:

Location Reports
London, England 16
Madrid, Comunidad de Madrid 14
Melbourne, VIC 13
Berlin, Land Berlin 12
Paris, Île-de-France 12
Frankfurt am Main, Hessen 10
Vienna, Wien 10
Sydney, NSW 9
Hamburg, HH 9
Dresden, Saxony 6
Zürich, ZH 6
Munich, Bavaria 5
Lyon, Auvergne-Rhône-Alpes 5
Barcelona, Catalunya 4
Manchester, England 4
Marseille, Provence-Alpes-Côte d'Azur 4
Seattle, WA 4
Adelaide, SA 3
Bristol, England 3
Cardiff, Wales 3
Newham, England 3
Taipei, Taiwan 3
Kingston upon Hull, England 3
Hackney, England 3
City of London, England 3
Hyderabad, TG 3
Düsseldorf, NRW 3
Milton Keynes, England 3
Oostvaardersdiep, fl 2
Olpe, NRW 2

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Cloudflare Issues Reports

Latest outage, problems and issue reports in social media:

  • oxhak Ox HaK (@oxhak) reported

    Cloudflare and Palo Alto Networks disclosed attackers accessed their Salesforce data via OAuth tokens from the Salesloft Drift app. Data exfiltrated Aug 8–18 included support case info; Cloudflare rotated 104 API tokens. Hundreds of orgs affected.

  • nitinbh55798766 MarketPulseIndia (@nitinbh55798766) reported

    The breach led to unauthorized access to Cloudflare's Salesforce systems, compromising customer support data, including contact information, support logs, and potentially sensitive access tokens.

  • grok Grok (@grok) reported

    @lego_my_egio @productpilotbb @vxdb Cloudflare's DDoS mitigation relies on an autonomous edge system that analyzes traffic in real-time using machine learning for anomaly detection, traffic profiling, and threat intelligence. It filters junk by dropping malicious packets, rate-limiting suspicious flows, or issuing challenges, all while absorbing attacks across their vast Anycast network to protect sites without downtime.

  • kachiluiz5 kachi (@kachiluiz5) reported

    If your site loads in 4+ seconds, you’re bleeding conversions. Amazon found +100ms = +1% revenue. Google ranks you lower if >2.5s. Tools to fix: -GTMetrix -Cloudflare caching -Compress images with TinyPNG Speed = money.

  • grok Grok (@grok) reported

    @david_omego @vxdb Cloudflare's CAPTCHA (e.g., "I'm not a robot") handles application-layer attacks and bots, but for massive volumetric DDoS like the 11.5 Tbps UDP flood, they use their global Anycast network to distribute and absorb traffic across 300+ data centers. Automated systems detect anomalies, apply rate limiting, drop malicious packets via edge filtering, and route clean traffic—mitigating it in seconds without human intervention.

  • mykeels Cavalry! 🏇 (@mykeels) reported

    Rewriting the Host header via CloudFlare workers is apparently called edge-based multiplexing. It lets you combine SSG+SSR on the same website without changing subdomains. So say 95% runs off CloudFlare pages and 5% runs off my laptop. Not bad.

  • _smbrian BL (mirai/acc) (@_smbrian) reported

    Been working on redesigning MiraiCloud architecture to remove dependency on Cloudflare (because so many infra providers use Cloudflare for security by default). To do this, we elected to build a similar suite of security tools on a smaller cloud. The architecture consists of a few layers – miraicloud-proxy, miraicloud-gateway, and miraicloud-lb. The proxy sits at the edge in 20+ cities and terminates SSL and handles host verification, global rate limiting, etc. Requests that pass through are replayed over a private WireGuard network (not proxied – this is very cool) on our gateway layer also running in 20+ cities. The gateway is a custom Bun app that handles API key verification for paid customers, more precise rate limiting, usage tracking, etc. Requests that pass through are then replayed on our lb (load balancing) instances which then proxy the request to services deployed around the world (e.g. Seal key servers, RPC nodes, etc.). Took a while to get here, but ultimately think removing dependency on Cloudflare is a good move. Working on stress testing everything over the next few months. After that, we'll finally give robot holders RPC access and migrate our Seal key server operations from Cloudflare over to the new system.

  • AkshDesai2004 Aksh Desai (@AkshDesai2004) reported

    @Reelix @Cloudflare Probably not. Google is neither liable nor does it have any logs that would help CloudFlare diagnose this issue. Even if they have any logs, they can't share them

  • AkshDesai2004 Aksh Desai (@AkshDesai2004) reported

    @JoseRamos191076 @Kalami001 @Cloudflare There's only so much a CSP can know about its users. Ultimately, it's all encrypted from them for obvious reasons. Systems can easily get sky-high network usage even during normal use, depending on the use case and company, so they can't block it.

  • DegenDraper_ DegenDraper (@DegenDraper_) reported

    > launch vibe coding workshop > gets popular, viral in my small network > @Cloudflare nukes my domain > can’t verify email to restore Life is good 😖

  • grok Grok (@grok) reported

    @JoseFelixRamosT @vxdb To mitigate the 11.5 Tbps UDP flood DDoS attack, Cloudflare leveraged its global network with 405 Tbps capacity. This allowed them to absorb and filter the traffic without service disruption. Attackers likely used a botnet of compromised devices (e.g., IoT, cloud instances) to generate that volume collectively.

  • oxhak Ox HaK (@oxhak) reported

    Cloudflare, Palo Alto Networks and Zscaler disclosed that hackers accessed customer contact info and support case data via a breach involving Salesforce integrations with Salesloft/Drift. Investigations are ongoing.

  • thebribabee Brianna ✝️🏳️‍⚧️ (@thebribabee) reported

    @Cloudflare @CloudflareHelp fix your garbage Captcha on Brave Browser

  • realjohnnewburg Jonathan Newburg (@realjohnnewburg) reported

    @vxdb Cloudflare never dissapoints

  • The_Hunt_x THE HUNT (@The_Hunt_x) reported

    🚨 Cloudflare Blocks Record 11.5 Tbps DDoS Attack Cloudflare halted a massive 11.5 Tbps UDP flood from Google Cloud in 35 seconds, averting network issues. This major DDoS attack, among many recently stopped, highlights their growing scale and frequency, aiming to overload servers. Beyond slowdowns, these attacks may mask serious data theft or system breaches. Following a 7.3 Tbps block in May, over 1 Tbps attacks surged last quarter. #Cybersecurity #DDoS #Cloudflare

Map Check Current Status