Cloudflare Outage Map
The map below depicts the most recent cities worldwide where Cloudflare users have reported problems and outages. If you are having an issue with Cloudflare, make sure to submit a report below
The heatmap above shows where the most recent user-submitted and social media reports are geographically clustered. The density of these reports is depicted by the color scale as shown below.
Cloudflare users affected:
Cloudflare is a company that provides DDoS mitigation, content delivery network (CDN) services, security and distributed DNS services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.
Most Affected Locations
Outage reports and issues in the past 15 days originated from:
| Location | Reports |
|---|---|
| Paris, Île-de-France | 2 |
| New York City, NY | 1 |
| Manchester, England | 1 |
| Angers, Pays de la Loire | 1 |
| London, England | 1 |
| Noida, UP | 2 |
| Jewar, UP | 1 |
| Braga, Braga | 1 |
| Prievidza, Nitriansky | 1 |
| Farmers Branch, TX | 1 |
| Helsinki, Uusimaa | 1 |
| Crisfield, MD | 1 |
Community Discussion
Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.
Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.
Cloudflare Issues Reports
Latest outage, problems and issue reports in social media:
-
Christopher Molin (@Chrimle) reported@KentonVarda No, no human would ever imagine writing the crazy bugs that AI hallucinates. There is no thought-pattern, and the feedback is a waste of time - because the "author" won't learn anything... The whole industry has code-review, did Cloudflare pick that up recently, or...? Would explain the recent issues...
-
Eric Taylor (@bcs_erictaylor) reported7/16 - Kali365 Update I have, at least for the moment, completely disabled the Kali365 platform from all operations. Below is an update of the intel we have currently. Believed owner and creator of Kali365: Handle: Octopus King TG: @tentacle_network Completed 'Takedown Requests' submitted to Namesilo FQDN: updateteampanel[.]xyz Completed 'Takedown Requests' submitted to BL Network: IP Address: 199.21.221[.]21 IP Address: 162.33.178[.]105 IP Address: 72.5.43[.]195 Completed 'Sinkhole Requests' submitted to Cloudflare FQDN: servoquil[.]org FQDN: yalmorind[.]org FQDN: vuredonte[.]org FQDN: ondrevail[.]org FQDN: caldivore[.]org FQDN: vuredonte[.]org FQDN: privatetoken[.]app FQDN: mvpaffiliatecz[.]site #Kali365 #CTI #ThreatIntel
-
Altin (@devscipline) reported@AjaySohmshetty @Cloudflare @andrewk17 And that is precisely why I never put my billing details on any account that does not have some minimal billing limiting settings. I don't like to get bankrupt just because they didn't do their work.
-
Porkbun (@Porkbun) reported@liltechnomancer @joshmanders Was the subject of the support email: "I put the cloudflare namservers in before my domain expired and it never transferred."? If so, there may be some confusion about how domain transfers work. You don't transfer a domain by updating it's name servers, you have to initiate a domain transfer at the gaining registrar using the domain's auth code. There is no order block on your account so it isn't remotely an issue like Josh experienced two years ago. Your domain is simply expired and needs to be renewed or transferred. Since it's almost 30 days expired, you'll want to act quickly. If that's not the correct ticket let me know.
-
Raphael Abayomi (@raphyabak) reportedA few things beyond standard Eloquent: pgvector support built in for AI and embedding search Edge runtime support for Cloudflare Workers and Next.js Supabase compatible out of the box ULID and UUID primary keys supported No code generation step unlike Prisma
-
Poorvith M P (@poorvithmp07) reported@sparsh_noahAI cloudflare pages has 300+ edge locations, free unlimited bandwidth, and beats both on latency. most people just never consider it.
-
Harishaan (@hsuthan24) reportedIf your NAT type on multiplayer(bottom of screen) is strict, that’s why you can’t find lobbies. It needs to at least be moderate. Change the DNS in your ps5’s settings to CloudFlare or Google’s DNS rather than your internet service provider’s.
-
Anicet (@AniC_dev) reportedI was curious about this graph because we ourselves at @asciidotdev got a massive R2 bill for our snapshots recently because we did something stupid. thankfully we fixed it it's now 15x less open computer folks use cloudflare for the DB, using a managed service for your DB is always a sound idea so I won't say it's dumb, it's actually best practice but I was curious, how much I'd pay if our own postgres master DB, currently sitting alone in a $54/month (yes) bare metal instance on OVH in Europe was on cloudflare D1 well that'd be 4k per month on queries alone. and believe me we really optimized it down to the ground as to not need to upgrade our bare metal instance (we hate paying more money I guess) I think that's part of the reason why we can make box sandboxes and snapshots so absurdly cheap and generous, we just don't compromise on anything performance or price related
-
Brad Aldcroft (@baldcroft) reportedLocked out of cloudflare account due to likely email supression. Going around in circles trying to lodge a ticket for help on your site without account access. @CloudflareHelp @Cloudflare
-
Porkbun (@Porkbun) reported@liltechnomancer @joshmanders That looks like something Cloudflare requires, not us. They appear to have a transfer process that includes extra steps because they require the domain to be using their DNS. It looks like the actual transfer was never submitted to Cloudflare because they were / are waiting on this step. If you changed your name servers after expiration, 10 days after expiration we disrupt DNS as required by ICANN and that would have prevented what Cloudflare seems to be waiting for. It's honestly best to renew / transfer before expiration to prevent wonkiness like this.
-
Dmytro Shevchenko 🇺🇦 (@dschewchenko) reported@Cloudflare Customer support. I'm working on it. AI-first support system. Fully on Cloudflare
-
Anto (@anto_edd) reportedPrompt "You are a Senior Application Security Engineer specializing in Supabase Authentication. Review my Login & Signup implementation like a real attacker. Ignore code quality. Ignore styling. Ignore performance. Focus only on security. Check for: • User enumeration • Generic authentication errors • Missing email verification • Weak password policy • Brute-force protection • Missing rate limiting • Missing Cloudflare Turnstile • Disposable email abuse • Password reset vulnerabilities • Session fixation • Session revocation • Secure cookie configuration • OAuth misconfigurations • Missing Row Level Security (RLS) • Service Role Key exposure • Trusting frontend data • Missing server-side authorization • Privilege escalation • OWASP Top 10 authentication risks For every issue provide: 1. Severity 2. Exploitation scenario 3. Recommended fix 4. Production-ready implementation Do not approve the authentication flow until every High and Critical issue has been resolved."
-
Richard Illingworth (@RCIllingworth) reporteda GTM engineer rang my team screaming we'd ripped all his inboxes offline. we hadn't touched a thing... he was adamant we'd f*cked his entire campaigns and that all of it was our fault, so we went digging through the back end to find out what actually happened. turns out HE'D ripped all the DNS off the domains himself. he'd pulled everything out of Cloudflare, re-enlisted it over to Porkbun, then changed the forwarding settings while he was at it. so we went to reapply everything top-down from a CSV to fix it. he joined the account 10 minutes later and ripped it all straight back out again, then moaned that it had "automatically happened again." it took my team 12 hours to work out he'd been messing in the back end the whole time. that's half a day gone between me, my business partner, my ops director and my head of client success. four people chasing a problem one bloke created and wouldn't own, all because he couldn't just say "yeah, i f*cked it, that was me." GTM engineering done properly is genuinely powerful. what went wrong here had nothing to do with the function and everything to do with personal accountability. when something breaks in outbound, everyone's instinct is to blame the tool or the vendor or the inbox provider or literally ANYONE but themselves. but the most expensive failures i see are almost never technical at all. they're someone refusing to say three words: “i got it wrong.” lesson: own the mistake faster than you chase the fix.
-
Maverick (@Mavericks100xs) reportedIt’s over for cash-cat:native Chinese blockchain sleuths have uncovered the following: NOXA Dev ***** History After the incident erupted (especially post-downtime + new launch halt), the Chinese community quickly unearthed Amun Phantom's past record, with the core accusation being **"veteran rug pull playbook."** Main sources are posts from active Chinese KOLs/communities (e.g., @DiYi_Community, etc.), claiming "people who know him are well aware." - Key exposé points: Not his first big project: Two years ago (around 2024), he built a product even hotter than NOXA this time, then rugged at peak hype, allegedly draining that chain's liquidity pool dry (claims of "chain pool leader 3w ETH," possibly 30,000 ETH level, with community debate on exact figures). - Patterned operations: Every time a new chain heats up, he spins up a similar launch platform/product, quickly harvests traffic and fees, then "exits" or rugs. In 2025, multiple "exited products" of his popped up on new chains. - This time a "soft rug" not hard rug: Originally geared to straight-up bolt, but with too many bagholders this round—scale too massive (fees too high, user base huge)—direct rug would've blown up, so he opted for "soft rug" strategy: Website "issues" (Cloudflare IP block), halt new launches, shift to decentralized frontend, hand fees fully to creators, then slowly fade out. - Personality/Style Critique: Community calls it "deep-seated foreign scumbag traits, no vision for real growth," akin to some early infamous but controversial project vibes. These exposés are currently mostly community word-of-mouth + historical pattern inference, with no full public on-chain evidence chain or article yet (some say a detailed timeline post is coming). But since Amun Phantom is anonymous/semi-anonymous, historical project links rely mainly on community memory and behavioral pattern matching.
-
Khafra (@KhafraDev) reported@CherryJimbo @Cloudflare the real issue with DurableObjects is that there's an outage once a week, not their complexity