- SSL/TLS: You will likely lose your Cloudflare-provided SSL certificate. Your site will only work if your origin server has its own valid certificate.
- Security & Performance: You will lose the performance benefits (caching, minification, global edge network) and security protections (DDoS mitigation, WAF) that Cloudflare provides.
- This will also reveal your backend internal IP addresses. Anyone can find permanent logs of public IP addresses used by even obscure domain names, so potential adversaries don't necessarily have to be paying attention at the exact right time to find it.
A colleague of mine just came bursting through my office door in a panic, thinking he brought our site down since this happened just as he made some changes to our Cloudflare config. He was pretty relieved to see this post.
> In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack.
Pretty much everything is down (checking from the Netherlands). The Cloudflare dashboard itself is experiencing an outage as well.
Not-so-funny thing is that the Betterstack dashboard is down but our status page hosted by Betterstack is up, and we can't access the dashboard to create an incident and let our customers know what's going on.
There's something maliciously satisfying about seeing your own self-hosted stuff working while things behind Cloudflare or AWS are broken. Sure, they have like four more nines that me, but right now I'm sitting pretty.
Is it me or has there been a very noticeable uptick in large scale infra-level outages lately? AWS, Cloudflare, etc have all been way under whatever SLA they publish.
How did we get to a place where either Cloudflare or AWS having an outage means a large part of the web going down? This centralization is very worrying.
Interestingly, also noticing that websites that use Cloudflare Challenge (aka "I'm not a Robot") are also throwing exceptions with a message as "Please unblock challenges.cloudflare.com to proceed" - even though it's just responding with an HTTP/500.
I’d rather mitigate a DDoS attack on my own servers than deal with Cloudflare. Having to prove you’re human is the second-worst thing on my list, right after accepting cookies. Those two things alone have made browsing the web a worse experience than it was in the late 90s or early 2000s.
> During our attempts to remediate, we have disabled WARP [their VPN service] access in London. Users in London trying to access the Internet via WARP will see a failure to connect.
Posted 4 minutes ago. Nov 18, 2025 - 13:04 UTC
>A spokesperson for Cloudflare said: “We saw a spike in unusual traffic to one of Cloudflare’s services beginning at 11.20am. That caused some traffic passing through Cloudflare’s network to experience errors. While most traffic for most services continued to flow as normal, there were elevated errors across multiple Cloudflare services.
>“We do not yet know the cause of the spike in unusual traffic. We are all hands on deck to make sure all traffic is served without errors. After that, we will turn our attention to investigating the cause of the unusual spike in traffic.”
I know this is bad, and some people's livelihood and lives rely on critical infrastructure, but when these things happen, I sometimes think GOOD!, let's all just take a breather for a minute yeh? Go outside.
One of the things that i didnt like about cloudflare MITM as a service is their requirement if you want SSL/CDN that you must use their DNS.
Overconcentration of infra within one single pint of disruption with no easy outs when the stack tips over.
Sadly i dont see any changes or rethink to be more decentralised even after this outage.
Interesting(unnerving?) to see a number of domain registrars that offer their own DNS services utilize at least some kind of Cloudflare service for at least their own web fronts. Did a check on 6 registrar sites I currently interact with and half were down(Namecheap/Spaceship, Name, Dynadot) and up(Porkbun, Gandi, GoDaddy).
There was an article on HN a few days back about how companies like this are influencing the overall freedom of the web (I missed the source) and their own way of doing things. Other examples of influence I see similarly are of Vercel, like with enterprise. Even a few days back, we saw AWS.
> Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available.
Things are back up (a second time) for me.
Cloudflare have updated their status page now to reflect the problems now. It doesn’t sound like they are confident the problem is fully fixed yet.
What would the Internet's architecture have to look like for DDOS'ing to be a thing of the past, and therefore Cloudflare to not be needed?
I know there are solutions like IPFS out there for doing distributed/decentralised static content distribution, but that seems like only part of the problem. There are obviously more types of operation that occur via the network -- e.g. transactions with single remote pieces of equipment etc, which by their nature cannot be decentralised.
Anyone know of research out there into changing the way that packet-routing/switching works so that 'DDOS' just isn't a thing? Of course I appreciate there are a lot of things to get right in that!
I got several emails from some uptime monitors I setup due to failing checks on my website and funnily enough I cannot log into any of them.
BetterStack, InStatus and HetrixTools seemingly all use Cloudflare on their dashboards, which means I can't login but I keep getting "your website/API is down" emails.
Update: I also can't login to UptimeRobot and Pulsetic. Now, I am getting seriously concerned about the sheer degree of centralization we have for CDNs/login turnstiles on Cloudflare.
In the beginning I thought my IP fell on the wrong side of Cloudflare and thought I was being blocked from ~80% of the internet. I was starting to panic
Cloudflare seems to have degrated performance. Half the requests for my site throw cloudflare 500x errors, the other half work fine.
However the https://www.cloudflarestatus.com/ does not really mention anything relevant. What's the point of having a status page if it lies ?
Update Ah I just checked the status and now I get a big red warning (however the problem existed for like 15 minutes before 11:48 UTC):
> Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available. Nov 18, 2025 - 11:48 UTC
I didn’t see anyone comment this directly, but something these recent outages made me wonder, having spent a good chunk of my career in 24/7 tech support, is that I can’t even fathom the amount of people who have been:
- restarting their routers and computers instead of taking their morning shower, getting their morning coffee, taking their medication on time because they’re freaking out, etc.
- calling ISPs in a furious mood not knowing it’s a service in the stack and not the provider’s fault (maybe)
- being late for work in general
- getting into arguments with friends and family and coworkers about politics and economics
- being interrupted making their jerk chicken
Cloud in general was a mistake. We took a system explicitly designed for decentralization and resilience and centralized it and created a few neat points of failure to take the whole damn thing down.
This is crazy. The internet has so much direct and transitive dependency on Cloudflare today. Pretty much the #1 dev slacking excuse today is no longer code compiling but cloudflare is down.
It's insane to me that big internet uptime monitoring tools like Pingdom and Downdetector both seem to rely on Cloudflare, as both of those are currently unavailable as well.
The main bike rental Velib in Paris has the app not working, but the bikes can be taken with NFC. However, my station, which is always full at this time, is now empty, with only 2 bad bikes. It maybe related. Yet, push notifications are working.
I'm going to take the metro now and thinking how long do we have until the entire transit network goes down because of a similar incident.
Later today or tomorrow there's going to be a post on HN pointing to Cloudflare's RCA and multitudes here are going to praise CF for their transparency. Let's not forget that CF sucks and took half the internet down for four hours. Transparency or no, this should not be happening.
Speaking of 5 9s, how would you achieve 5 9s for a basic CRUD app that doesn't need to scale, but still be globally accessible? No auth, micro services, email or 3rd party services. Just a classic backend connected to a db (any db tech, hosted wherever), that serves up some html.
I've been considering Cloudflare for caching, DDoS protection and WAF, but I don't like furthering the centralization of the Web. And my host (Vultr) has had fantastic uptime over the 10 years I've been on them.
How are others doing this? How is Hacker News hosted/protected?
I got an email saying that my OpenAI auto-renewal failed, my credits have run out. I go to OpenAI to reauthorize the card, and I can't login because OpenAI uses Cloudflare for "verifying you are a human" that goes in infinite loop. Great.
Phew, my latest 3h30 workshop about Obsidian was saved.
I recorded it this morning, not knowing about the Cloudflare issue (probably started while I was busy). I'm using Circle.so and they're down (my community site is now inaccessible). Luckily, they probably use AWS S3 or similar to host their files, so that part is still up and running.
Meanwhile all my sites are down. I'll just wait this one out, it's not the end of the world for me.
My GitHub actions are also down for one of my project because some third-party deps go through Cloudflare (Vulkan SDK). Just yesterday I was thinking to myself: "I don't like this dependency on that URL...". Now I like it even less
> A fix has been implemented and we believe the incident is now resolved. We are continuing to monitor for errors to ensure all services are back to normal. Posted 3 minutes ago. Nov 18, 2025 - 14:42 UTC
Seems like they think they've fixed it fully this time!
I'm thinking about all those quips from a few decades back, along the lines of: "The Internet is resilient, it's distributed and it routes around damage" etc.
In many ways it's still true, but it doesn't feel like a given anymore.
Recently my multiple VPN server nodes just randomly cannot connect to cloudflare CDN IPs, from different provider VPS, while the Host Linux network does not have the issue; vpp share the same address with Linux and use tc stateless NAT to do the trick.
I finally work around this by change the tcp options sent by vpp tcp stack.
But the whole thing made me worry there must be something deployed which cause this issue.
But I do not think that related with this network issue, it just reminds me the above, I feel there are frequently new articles about cloudflare networking, maybe new method or new deployment sort of related high probability of issues
For anyone reading this who desperately needs their website up, you can try this: If you manage to get to your Cloudflare DNS settings and disable the "Proxy status (Proxied)" feature (the orange cloud), it should start working again.
Be aware that this change has a few immediate implications:
- SSL/TLS: You will likely lose your Cloudflare-provided SSL certificate. Your site will only work if your origin server has its own valid certificate.
- Security & Performance: You will lose the performance benefits (caching, minification, global edge network) and security protections (DDoS mitigation, WAF) that Cloudflare provides.
I think you should give me a credit for all the income I lost due to this outage. Who authorized a change to the core infrastructure during the period of the year when your customers make the most income? Seriously, this is a management failure at the highest levels of decision-making. We don't make any changes to our server infrastructure/stack during the busiest time of the year, and neither should you. If there were an alternative to Cloudflare, I'd leave your service and move my systems elsewhere.
Looking forward to seeing their RCA. I'm guessing it's going to be glossy in terms of actual customer impact. "We didn't go offline, we just had 100% errors. For 60 minutes."
My theory is that people's skills are getting worse. Attention spans are diminishing, memory is shrinking. People age and retire, new less skilled generations are replacing them. There are studies about declining IQ in the last decades. Probably mobile phones and social media are to blame.
We see the signs with Amazon and Cloudflare going down, Windows Update breaking stuff. But the worse is yet to come, and I am thinking about airport traffic control, nuclear power plants, surgeons...
DigitalOcean + Gandi means nothing I run is down. Amazing. We depend far too greatly on centralised services where we deem the value of reputation and convenience exceeds the potential downsides and then the world pays for it. I think we have to feel a lot more of this pain before regulation kicks in to change things because the reality is people don't change. The only thing you can personally do is run a lot of your own stuff for things you can.
The sites I host on Cloudflare are all down. Also, even ChatGPT was down for a while, showing the error: "Please unblock challenges.cloudflare.com to proceed."
I happened to be working with Claude when this occurred. Having no idea what exactly what the cause was, I jumped over to GPT and observed the same. I did a dig challenges.cloudflare.com and by the time I'd figured out kind of what was happening, it seemed to have... resolved itself
I must say I'm astonished, as naive as it may be, to see the number of separate platforms affected by this. And it has been a bit of a learning experience too.
I didn't think about the Cloudflare API, but we'll make sure to do it next time. Hopefully, it won't happen again. I want Cloudflare to delegate DNS control to an external provider so it's easy to disable/enable the CF proxy in case something like this happens.
Yesterday I decided to finally write my makefiles to "mirror" (make available offline) the docs of the libraries I'm using. doc2dash for sphinx-enabled projects, and then using dash / zeal.
Then I was like... "when did I last time fly for 10+ hours and wanted to do programming, etc, so that I need offline docs?" So I gave up.
Today I can't browse the libs' docs quickly, so I'm resuming the work on my local mirroring :-)
This reminds me that I really like self-hosting. While it is true that many of things do not work, all my services do work. It has some tradeoffs of course.
There is an election in Denmark today, I wonder if this will affect that. The governments website is not accessible at the moment because it uses Cloudflare.
What do we actually lose going from cloud back to ground?
The mass centralization is a massive attack vector for organized attempts to disrupt business in the west.
But we’re not doing anything about it because we’ve made a mountain at of a molehill. Was it that hard to manage everything locally?
I get that there’s plenty of security implications going that route, but it would be much harder to bring down t large portions of online business with a single attack.
Strange thing is this is in multiple CD regions all using bot & WAF are down, just got a colueuge to check our site and both London & Singapour cloudflare servers are out... And I cant even login to the cloudflare dash to re-route critical traffic
. Likely this is accidental, but one day there will be something malicous that will have big impacts with how centralised the internet now is.
>Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available.
I had two completely unrelated tabs open (https://twitter.com and https://onsensensei.com) both showing the same error. Opened another website, same error. Kinda funny to see how much of entire web is ran on CloudFlare nowadays.
Why do people use the reverse proxy functionality of Cloudflare? I've worked at small to medium sized businesses that never had any of this while running public facing websites and they were/are just fine.
Same goes for my personal projects: I've never been worried about being targeted by a botnet so much that I introduce a single point of failure like this.
Our national transit agency is apparently a customer.
The departure tables are borked, showing incorrect data, the route map stopped updating, the website and route planner are down, and the API returns garbage. Despite everything, the management will be pleased to know the ads kept on running offline.
Why would you put a WAP between devices you control and your own infra, God knows.
Is it me, or do the outages of single points of failure for large swaths of the internet tend to cluster within weeks/days of one another?
Anyone know why? Could be totally bias because one news story propels the next, so when they happen in clusters, you just hear about them more than when they don't.
The non profit I volunteer at is unreachable. It gives a cloudflare error page which is sort of helpful. It tells me the the site is ok but cloudflare has an 500.
It’s been great, but I always wonder when a company starts doing more than it’s initially calling. There have been a ton of large attacks, tons of bot scrappers so it’s the Wild West.
So they broke the internet. Nice!
Never seen so many sites not working.
Never seen so many desktop app suddenly stop working.
I don't want to be the person responsible for this.
And this again has thought me it's better to no rely on external services. Even though they seem to big to fail.
Down, but the linked status page shows mostly operational, except for "Support Portal Availability Issues" and planned maintenance. Since it was linked, I'm curious if others see differently.
edit: It now says "Cloudflare Global Network experiencing issues" but it took a while.
It would appear if you use a VPN in Europe you can still access Cloudflare sites, I have just tried, for me the Netherlands, Germany, and France work, but the UK and USA don't.
EDIT: It would appear it is still unreliable in these countries, it just stopped working in France for me.
Cloudflare Dashboard/Clicky clicky UI is down. I really appreciate that their API is still working. Small change in our Terraform configuration and now I can go lunch in peace knowing our clients at skeeled can keep working if wanted:
No logging in to Cloudflare Dash, no passing Turnstile (their CAPTCHA Replacement Solution) on third-party websites not proxied by Cloudflare, the rest that are proxied throwing 500 Internal server error saying it's Cloudflare's fault…
Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available.
Nov 18, 2025 - 11:48 UTC
Yeah, those multiple customers is like 70% of the internet.
I would love to see a competition for the most banal thing that went wrong as a result of this. For example, I’m pretty sure the reason my IKEA locker wouldn’t latch shut was because the OS had hung while talking to a Cloudflare backend.
Cloudflare runs a high demand service, and the centralisation does deserve scrutiny. I think a good middle ground I’ll adopt is self hosting critical services and then when they have an outage redirect traffic to a Cloudflare outage banner.
Meanwhile my Wordpress blog on DigitalOcean is up. And so is DigitalOcean.
My ISP is routing public internet traffic to my IPs these days. What keeps me from running my blog from home? Fear of exposing a TCP port, that's what. What do we do about that?
one way to mitigate DDoS is to enforce source IP checks on the way OUT of a datacenter (egress).
sure there are botnets, infected devices, etc that would conform to this but where does the sheer power of a big ddos attack come from? including those who sell it as a service. they have to have some infrastructure in some datacenter right?
make a law that forces every edge router of a datacenter to check for source IP and you would eliminate a very big portion of DDoS as we know it.
until then, the only real and effective method of mitigating a DDoS attack is with even more bandwidth. you are basically a black hole to the attack, which cloudflare basically is.
We finally switched to CF a few weeks ago (for bot protection, abusive traffic started getting insane this year), finally we can join in on one of the global outage parties (no cloud usage otherwise, so still more uptime than most).
Didn't have my site on cloudflare bc it would be faster for chinese users (its main demographic) so i THOUGHT i was fine for a second until i remembered the data storage api is behind cloudflare
Hey, this is fun, all my websites are still up! I wonder how that happened? I don't even have to worry about my docker registry being down because I set up my own after the last global outage.
Is anybody keeping statistics on the frequency of these big global internet outages? It seems to be happening extremely frequently as of late, but it would be nice to have some data on that.
This Internet thing is steadily becoming the most fragile surface attack out there. No need for nuclear weapons anymore, just hit Cloudflare and AWS and we are back to the stone age.
We're on the enterprise plan, so far we're seeing Dashboard degradation and Turnstile (their captcha service) down. But all proxying/CDN and other services seem to work well.
Why are we seeing AWS, then Azure, then Cloudflare all going down just out of the blue? I know they go down occasionally, but it's typically not major outages like this...
Down... "Please unblock challenges.cloudflare.com to proceed." On every Cloudflare hosted website that I try. This timing SUCKS.......... please resolve fast! <3
Ah! Well, all of my websites are down! I’m going to take screenshots and have it as part of my Time Capsule Album, “Once upon a Time, my websites used to go down.”
If someone wanted to learn about how the modern infrastructure stack works, and why things like this occur, where would be some good resources to start?
I sometimes question my business decision to have a multi-cloud, multi-region web presence where it is totally acceptable to be down with the big boys.
just yesterday cloudflare announced it was acquiring replicate (ai platform) "the Workers Platform mission: Our goal all along has been to enable developers to build full-stack applications without having to burden themselves with infrastructure" according to cloudflare's blog, are we cooked?
makes you realise, if cloudflare or one of these large organisations decides to (/ gets ordered by a deranged US president to) block your internet access, that's a whole lot of internet you're suddenly cut off from. Yes, i know there are circumventions, but its still a owrrying thought.
For fun, I asked google what's an alternative to Cloudflare. It says, "A complete list of Cloudflare alternatives depends on which specific service (CDN, security, Zero Trust, edge computing, etc.) you are replacing, as no single competitor offers the exact same all-in-one suite"
used a down-detector site to check if cloudflare is down, but the site is running on cloudflare, so i couldnt check if cloudflare was down for anyone else, because cloudflare was down
If a cloud vendor with 1 million users experiences a long term outage: the vendor has a serious problem. If a cloud vendor with 1 billion users experiences a long term outage: the internet has a serious problem. Yada-yada-yada xkcd/2347 but it's the big block in the middle which crumbled
If anyone needs commands for turning off the CF proxy for their domains and happens to have a Cloudflare API token.
First you can grab the zone ID via:
And a list of DNS records using: Each DNS record will have an ID associated. Finally patch the relevant records: Copying from a sibling comment - some warnings:- SSL/TLS: You will likely lose your Cloudflare-provided SSL certificate. Your site will only work if your origin server has its own valid certificate.
- Security & Performance: You will lose the performance benefits (caching, minification, global edge network) and security protections (DDoS mitigation, WAF) that Cloudflare provides.
- This will also reveal your backend internal IP addresses. Anyone can find permanent logs of public IP addresses used by even obscure domain names, so potential adversaries don't necessarily have to be paying attention at the exact right time to find it.
A colleague of mine just came bursting through my office door in a panic, thinking he brought our site down since this happened just as he made some changes to our Cloudflare config. He was pretty relieved to see this post.
> In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack.
From the CTO, Source: https://x.com/dok2001/status/1990791419653484646
Pretty much everything is down (checking from the Netherlands). The Cloudflare dashboard itself is experiencing an outage as well.
Not-so-funny thing is that the Betterstack dashboard is down but our status page hosted by Betterstack is up, and we can't access the dashboard to create an incident and let our customers know what's going on.
Edit: wording.
There's something maliciously satisfying about seeing your own self-hosted stuff working while things behind Cloudflare or AWS are broken. Sure, they have like four more nines that me, but right now I'm sitting pretty.
Is it me or has there been a very noticeable uptick in large scale infra-level outages lately? AWS, Cloudflare, etc have all been way under whatever SLA they publish.
Ironically, DownDetector seems to be down because it protects its site with Cloudflare Turnstile... which is also down!
How did we get to a place where either Cloudflare or AWS having an outage means a large part of the web going down? This centralization is very worrying.
I do appreciate the visual "mea culpa":
Your browser: Working
Host: Working
Cloudflare: Error
Interestingly, also noticing that websites that use Cloudflare Challenge (aka "I'm not a Robot") are also throwing exceptions with a message as "Please unblock challenges.cloudflare.com to proceed" - even though it's just responding with an HTTP/500.
I’d rather mitigate a DDoS attack on my own servers than deal with Cloudflare. Having to prove you’re human is the second-worst thing on my list, right after accepting cookies. Those two things alone have made browsing the web a worse experience than it was in the late 90s or early 2000s.
> During our attempts to remediate, we have disabled WARP [their VPN service] access in London. Users in London trying to access the Internet via WARP will see a failure to connect. Posted 4 minutes ago. Nov 18, 2025 - 13:04 UTC
Is Cloudflare being attacked...?
I used to say, "Don't worry, we host it on Cloudflare. If it's down, then 30% internet is down. It's highly unlikely."
Well...
Classic. I see issues. Vendor’s status page is all green. Go to HN to find the confirmation. Applies to AWS, GH, everyone.
Edit: beautiful, this decentralised design of the internet.
Quote from The Guardian's story:
>A spokesperson for Cloudflare said: “We saw a spike in unusual traffic to one of Cloudflare’s services beginning at 11.20am. That caused some traffic passing through Cloudflare’s network to experience errors. While most traffic for most services continued to flow as normal, there were elevated errors across multiple Cloudflare services.
>“We do not yet know the cause of the spike in unusual traffic. We are all hands on deck to make sure all traffic is served without errors. After that, we will turn our attention to investigating the cause of the unusual spike in traffic.”
https://www.theguardian.com/technology/2025/nov/18/cloudflar...
I went to check how many services are being impacted on down detector, but it was down.
I know this is bad, and some people's livelihood and lives rely on critical infrastructure, but when these things happen, I sometimes think GOOD!, let's all just take a breather for a minute yeh? Go outside.
Tried checking Cloudflare’s status on Downdetector, but Downdetector was also behind Cloudflare. Internet checkmate.
One of the things that i didnt like about cloudflare MITM as a service is their requirement if you want SSL/CDN that you must use their DNS. Overconcentration of infra within one single pint of disruption with no easy outs when the stack tips over. Sadly i dont see any changes or rethink to be more decentralised even after this outage.
Interesting(unnerving?) to see a number of domain registrars that offer their own DNS services utilize at least some kind of Cloudflare service for at least their own web fronts. Did a check on 6 registrar sites I currently interact with and half were down(Namecheap/Spaceship, Name, Dynadot) and up(Porkbun, Gandi, GoDaddy).
And no lesson about single point of failure and centralization was learned that day.
This incident has been resolved. Posted 4 minutes ago. Nov 18, 2025 - 19:28 UTC
Better link for chroniclers, since the incident is now buried pretty far down on the status page: https://www.cloudflarestatus.com/incidents/8gmgl950y3h7
Your origin servers are protected now as no one can access them. Thanks for choosing CloudFlare's MITM "protection".
Do you remember when the Internet was redundant and resilient?
It seems 20% of the Internet is down every two weeks now.
Can't even change my nameservers away from Cloudflare as Namecheap use Cloudflare!!
I was shouting at network guy/colleague, how come challenges.cloudflare.com got blocked!! damn, I must apologise to him.
The danger of Internet centralization in Cloudflare
There was an article on HN a few days back about how companies like this are influencing the overall freedom of the web (I missed the source) and their own way of doing things. Other examples of influence I see similarly are of Vercel, like with enterprise. Even a few days back, we saw AWS.
Wanted to check if it was DNS again but https://isitdns.com/ is also down…
> Cloudflare Global Network experiencing issues
> Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available.
Things are back up (a second time) for me.
Cloudflare have updated their status page now to reflect the problems now. It doesn’t sound like they are confident the problem is fully fixed yet.
Edit: and down again a third time!
What would the Internet's architecture have to look like for DDOS'ing to be a thing of the past, and therefore Cloudflare to not be needed?
I know there are solutions like IPFS out there for doing distributed/decentralised static content distribution, but that seems like only part of the problem. There are obviously more types of operation that occur via the network -- e.g. transactions with single remote pieces of equipment etc, which by their nature cannot be decentralised.
Anyone know of research out there into changing the way that packet-routing/switching works so that 'DDOS' just isn't a thing? Of course I appreciate there are a lot of things to get right in that!
https://www.cloudflarestatus.com/incidents/8gmgl950y3h7
It's knocked out Turnstile too, which means I can't even log in to my Cloudflare dash to bypass my site's proxying via Cloudflare.
I got several emails from some uptime monitors I setup due to failing checks on my website and funnily enough I cannot log into any of them.
BetterStack, InStatus and HetrixTools seemingly all use Cloudflare on their dashboards, which means I can't login but I keep getting "your website/API is down" emails.
Update: I also can't login to UptimeRobot and Pulsetic. Now, I am getting seriously concerned about the sheer degree of centralization we have for CDNs/login turnstiles on Cloudflare.
More vibe code gets into production. AWS, Azure and Cloudflare all have major issues.
Coincidence? I think not.
Even Cloudflare Status is now down, oh boy :) https://postimg.cc/LJVKYmks
ERROR [12:00:21 UTC]: CF_EDGE_ROUTING_FAILURE. Reason: Origin-Shield connectivity loss detected within multi-region fabric. BGP path withdrawal initiated for critical LCP clusters (LCP-LON, LCP-FRA). Status code 521/522 flood reported globally. Geo-location failover services degraded. DNS resolution timeout on 1.1.1.1/1.0.0.1. Traffic flow re-routing pending verification of internal control plane integrity.
In the beginning I thought my IP fell on the wrong side of Cloudflare and thought I was being blocked from ~80% of the internet. I was starting to panic
How come HN is never down with all these outages?
Everyone laughs when AWS collapses, everyone is silent when Cloudflare collapses. Why? Because the place to laugh has collapsed.
It's so crazy and scary that Cloudflare is the single point of failure for the internet.
This NYTimes article makes it sound like the problem is fixed, but I'm not seeing any improvement yet.
https://www.nytimes.com/2025/11/18/business/cloudflare-down-...
Funny that I could not load Twitter to see if Cloudflare was down.
I rushed to Hacker News, but it was too early. Clicking on “new” did the job to find this post before making it to the Homepage:)
The web is still alive!
Who wants to join me at the Winchester for a pint, and wait for this all to blow over?
Seems like ChatGPT and Claude are also affected. (CLI Codex still seems to work).
RIP to the engineers fixing this without any AI help.
At some point we really need to think if this is the web we want, one/two major actors are down and everything goes with it
Not downplaying the immense work of infra / engineering at this scale but my neighborhood local grocery market shouldn’t be down
Cloudflare seems to have degrated performance. Half the requests for my site throw cloudflare 500x errors, the other half work fine.
However the https://www.cloudflarestatus.com/ does not really mention anything relevant. What's the point of having a status page if it lies ?
Update Ah I just checked the status and now I get a big red warning (however the problem existed for like 15 minutes before 11:48 UTC):
> Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available. Nov 18, 2025 - 11:48 UTC
I didn’t see anyone comment this directly, but something these recent outages made me wonder, having spent a good chunk of my career in 24/7 tech support, is that I can’t even fathom the amount of people who have been:
- restarting their routers and computers instead of taking their morning shower, getting their morning coffee, taking their medication on time because they’re freaking out, etc. - calling ISPs in a furious mood not knowing it’s a service in the stack and not the provider’s fault (maybe) - being late for work in general - getting into arguments with friends and family and coworkers about politics and economics - being interrupted making their jerk chicken
This sentence is slowly getting boring after all those recent outages: My web app hosted on Hetzner and BunnyCDN still works.
That shows, the distributed nature of the internet is still there. It is a problem though, if everything is funneled through one provider.
I've been migrating all my personal stuff to Cloudflare. They have good products and good pricing.
At the same time I'm worried about how the internet is becoming even more centralized, which goes against how it was originally designed.
Cloud in general was a mistake. We took a system explicitly designed for decentralization and resilience and centralized it and created a few neat points of failure to take the whole damn thing down.
This is crazy. The internet has so much direct and transitive dependency on Cloudflare today. Pretty much the #1 dev slacking excuse today is no longer code compiling but cloudflare is down.
ChatGPT is Down. What will LinkedIn posters ever do?
It's insane to me that big internet uptime monitoring tools like Pingdom and Downdetector both seem to rely on Cloudflare, as both of those are currently unavailable as well.
We've traded DDoS for centralized DoS.
It's been 15 minutes of it going up and down, still nothing on their status page...
The irony is that if you follow the relevant link [1]in the error page , you get this
> If the problem isn’t resolved in the next few minutes, it’s most likely an issue with the web server you were trying to reach.
[1] https://www.cloudflare.com/5xx-error-landing/?utm_source=err...
Related to Azure DDoS?
https://news.ycombinator.com/item?id=45955900
The main bike rental Velib in Paris has the app not working, but the bikes can be taken with NFC. However, my station, which is always full at this time, is now empty, with only 2 bad bikes. It maybe related. Yet, push notifications are working.
I'm going to take the metro now and thinking how long do we have until the entire transit network goes down because of a similar incident.
Feels like it's been a rough year for huge infra outages man :(.
Is it DNS? I went to check the isitdns.com but got a cloudflare error
Later today or tomorrow there's going to be a post on HN pointing to Cloudflare's RCA and multitudes here are going to praise CF for their transparency. Let's not forget that CF sucks and took half the internet down for four hours. Transparency or no, this should not be happening.
Speaking of 5 9s, how would you achieve 5 9s for a basic CRUD app that doesn't need to scale, but still be globally accessible? No auth, micro services, email or 3rd party services. Just a classic backend connected to a db (any db tech, hosted wherever), that serves up some html.
Seriously, bookmarking this site and checking it first next time instead of disabling all my ad blockers.
I've been considering Cloudflare for caching, DDoS protection and WAF, but I don't like furthering the centralization of the Web. And my host (Vultr) has had fantastic uptime over the 10 years I've been on them.
How are others doing this? How is Hacker News hosted/protected?
I got an email saying that my OpenAI auto-renewal failed, my credits have run out. I go to OpenAI to reauthorize the card, and I can't login because OpenAI uses Cloudflare for "verifying you are a human" that goes in infinite loop. Great.
Phew, my latest 3h30 workshop about Obsidian was saved. I recorded it this morning, not knowing about the Cloudflare issue (probably started while I was busy). I'm using Circle.so and they're down (my community site is now inaccessible). Luckily, they probably use AWS S3 or similar to host their files, so that part is still up and running.
Meanwhile all my sites are down. I'll just wait this one out, it's not the end of the world for me.
My GitHub actions are also down for one of my project because some third-party deps go through Cloudflare (Vulkan SDK). Just yesterday I was thinking to myself: "I don't like this dependency on that URL...". Now I like it even less
> A fix has been implemented and we believe the incident is now resolved. We are continuing to monitor for errors to ensure all services are back to normal. Posted 3 minutes ago. Nov 18, 2025 - 14:42 UTC
Seems like they think they've fixed it fully this time!
I miss the old internet where 1 company having an outage didn't take down most of it.
I'm thinking about all those quips from a few decades back, along the lines of: "The Internet is resilient, it's distributed and it routes around damage" etc.
In many ways it's still true, but it doesn't feel like a given anymore.
Recently my multiple VPN server nodes just randomly cannot connect to cloudflare CDN IPs, from different provider VPS, while the Host Linux network does not have the issue; vpp share the same address with Linux and use tc stateless NAT to do the trick.
I finally work around this by change the tcp options sent by vpp tcp stack.
But the whole thing made me worry there must be something deployed which cause this issue.
But I do not think that related with this network issue, it just reminds me the above, I feel there are frequently new articles about cloudflare networking, maybe new method or new deployment sort of related high probability of issues
For anyone reading this who desperately needs their website up, you can try this: If you manage to get to your Cloudflare DNS settings and disable the "Proxy status (Proxied)" feature (the orange cloud), it should start working again.
Be aware that this change has a few immediate implications:
- SSL/TLS: You will likely lose your Cloudflare-provided SSL certificate. Your site will only work if your origin server has its own valid certificate.
- Security & Performance: You will lose the performance benefits (caching, minification, global edge network) and security protections (DDoS mitigation, WAF) that Cloudflare provides.
> a routine configuration change we made
Every.Single.Time
[1] https://x.com/dok2001/status/1990791419653484646
Cloudflare's dashboard is currently down as well.
My domain is registered with cloudflare so I'm 100% helpless to get things back online.
I can't edit DNS records to bypass cloudflare and I can't change nameservers either.
I think you should give me a credit for all the income I lost due to this outage. Who authorized a change to the core infrastructure during the period of the year when your customers make the most income? Seriously, this is a management failure at the highest levels of decision-making. We don't make any changes to our server infrastructure/stack during the busiest time of the year, and neither should you. If there were an alternative to Cloudflare, I'd leave your service and move my systems elsewhere.
Looking forward to seeing their RCA. I'm guessing it's going to be glossy in terms of actual customer impact. "We didn't go offline, we just had 100% errors. For 60 minutes."
Didn't realize Twitter uses cloudflare. It seems to be down as well
everything is down except HN :D
Those football playoffs are really getting out of hand…
Ref: https://news.ycombinator.com/item?id=43157000
My theory is that people's skills are getting worse. Attention spans are diminishing, memory is shrinking. People age and retire, new less skilled generations are replacing them. There are studies about declining IQ in the last decades. Probably mobile phones and social media are to blame.
We see the signs with Amazon and Cloudflare going down, Windows Update breaking stuff. But the worse is yet to come, and I am thinking about airport traffic control, nuclear power plants, surgeons...
DigitalOcean + Gandi means nothing I run is down. Amazing. We depend far too greatly on centralised services where we deem the value of reputation and convenience exceeds the potential downsides and then the world pays for it. I think we have to feel a lot more of this pain before regulation kicks in to change things because the reality is people don't change. The only thing you can personally do is run a lot of your own stuff for things you can.
The sites I host on Cloudflare are all down. Also, even ChatGPT was down for a while, showing the error: "Please unblock challenges.cloudflare.com to proceed."
10.30pm here in Australia...
and my alarms are going off my and support line is ringing...
I cant even login to my CF dashboard to disable the CDN!
Edit: It's back. Hopefully it will stay up!
Edit 2: 1 Hour Later.
Narrator: It didn't stay up :/
I happened to be working with Claude when this occurred. Having no idea what exactly what the cause was, I jumped over to GPT and observed the same. I did a dig challenges.cloudflare.com and by the time I'd figured out kind of what was happening, it seemed to have... resolved itself
I must say I'm astonished, as naive as it may be, to see the number of separate platforms affected by this. And it has been a bit of a learning experience too.
Oh, look! Cloudflare is down. Let's check down detector to make sure it's not just me > Downdetector is using Cloudflare captcha. Yep, it's down.
I didn't think about the Cloudflare API, but we'll make sure to do it next time. Hopefully, it won't happen again. I want Cloudflare to delegate DNS control to an external provider so it's easy to disable/enable the CF proxy in case something like this happens.
Yesterday I decided to finally write my makefiles to "mirror" (make available offline) the docs of the libraries I'm using. doc2dash for sphinx-enabled projects, and then using dash / zeal.
Then I was like... "when did I last time fly for 10+ hours and wanted to do programming, etc, so that I need offline docs?" So I gave up.
Today I can't browse the libs' docs quickly, so I'm resuming the work on my local mirroring :-)
This reminds me that I really like self-hosting. While it is true that many of things do not work, all my services do work. It has some tradeoffs of course.
There is an election in Denmark today, I wonder if this will affect that. The governments website is not accessible at the moment because it uses Cloudflare.
What do we actually lose going from cloud back to ground?
The mass centralization is a massive attack vector for organized attempts to disrupt business in the west.
But we’re not doing anything about it because we’ve made a mountain at of a molehill. Was it that hard to manage everything locally?
I get that there’s plenty of security implications going that route, but it would be much harder to bring down t large portions of online business with a single attack.
Funny how I couldn't even check on Downdetector.com - because it takes me to a Cloudfare-run captcha, which is now stuck on loading.
The internet is officially down.
Strange thing is this is in multiple CD regions all using bot & WAF are down, just got a colueuge to check our site and both London & Singapour cloudflare servers are out... And I cant even login to the cloudflare dash to re-route critical traffic . Likely this is accidental, but one day there will be something malicous that will have big impacts with how centralised the internet now is.
From the Cloudflare status website: "Scheduled maintenance is currently in progress." Maybe something went wrong while doing maintenance?
Some of my websites are down. Says it's the cloudflare network, when I click it it says generic things about my server likely being the issue.
I thought I would be clever by switching domain endpoints from proxied to dns but Cloudflare admin page is also not working correctly ;)
edit: it's up!
edit: it's down!
>Cloudflare Global Network experiencing issues
>Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available.
>Posted 4 minutes ago
https://www.cloudflarestatus.com/incidents/8gmgl950y3h7
NPM also seems to be down due to this! https://status.npmjs.org
It's the first time it's been down that I've seen a sensible error message.
But I was supposed to be commuting, so I guess I'll do that.
I had two completely unrelated tabs open (https://twitter.com and https://onsensensei.com) both showing the same error. Opened another website, same error. Kinda funny to see how much of entire web is ran on CloudFlare nowadays.
Is there any way to remove every SPOF?
Currently I have multi-region loadbalanced servers. DNS and WAF (and the load balancer) on Cloudflare.
Moving DNS elsewhere is step 1 so I'm not locked out - but then I can't use Cloudflare full stop (without enterprise pricing).
Multi-provider DNS and WAF - okay I could see how that works.
But what about the global load balancer, surely that has to remain a single point of failure?
Why do people use the reverse proxy functionality of Cloudflare? I've worked at small to medium sized businesses that never had any of this while running public facing websites and they were/are just fine.
Same goes for my personal projects: I've never been worried about being targeted by a botnet so much that I introduce a single point of failure like this.
I was joking that after AWS, Azure that the Cloudflare would be next one...
So which large service we have left that could take chunk of internet out?
Can't wait to read their post-mortem report
Our national transit agency is apparently a customer.
The departure tables are borked, showing incorrect data, the route map stopped updating, the website and route planner are down, and the API returns garbage. Despite everything, the management will be pleased to know the ads kept on running offline.
Why would you put a WAP between devices you control and your own infra, God knows.
I think everyone is in the same boat with thinking they took something offline :^)
Concerning though how much the web relies on one (great) service.
I got an invoice from them right before the outage. Hopefully when they restore everything, they'll have forgotten about it!
Funny how I trusted Cloudflare first and started looking at restarting my servers, only to realize it's not me this time :)
ERROR [11:57:30 UTC]: EC2 Launch Failure. Reason: [Security Breach Remediation] Control Plane Metadata Service (IMDS) temporarily offline. System state reports: Dependency integrity check failed (Exit Code 0x80070002). Cannot retrieve authorized kernel image or block device mapping. Termination signal initiated for compromised worker nodes.
The irony of being in the middle of reading how Basecamp got off the cloud and the external link being down with a CF error :D
Is it me, or do the outages of single points of failure for large swaths of the internet tend to cluster within weeks/days of one another?
Anyone know why? Could be totally bias because one news story propels the next, so when they happen in clusters, you just hear about them more than when they don't.
The non profit I volunteer at is unreachable. It gives a cloudflare error page which is sort of helpful. It tells me the the site is ok but cloudflare has an 500.
It’s been great, but I always wonder when a company starts doing more than it’s initially calling. There have been a ton of large attacks, tons of bot scrappers so it’s the Wild West.
I was trying to look up banana-based jokes (https://upjoke.com/banana-jokes) and discovered that London Cloudflare seems to be down.
Then, I tried various down detecting sites and they didn't seem to work either - presumably due to Cloudflare.
It's back up, sites are working. Still wonder how long it's going to last. IF there's another blackout.
So they broke the internet. Nice! Never seen so many sites not working. Never seen so many desktop app suddenly stop working. I don't want to be the person responsible for this. And this again has thought me it's better to no rely on external services. Even though they seem to big to fail.
"The issue has been identified and a fix is being implemented." According to CF a minute ago: https://www.cloudflarestatus.com/incidents/8gmgl950y3h7
Down, but the linked status page shows mostly operational, except for "Support Portal Availability Issues" and planned maintenance. Since it was linked, I'm curious if others see differently.
edit: It now says "Cloudflare Global Network experiencing issues" but it took a while.
Luckily for everyone including Guilhermo he can't dunk on the situation since x.com is down as well.
Using Cloudflare is a tradeoff between facing DDoS and other attacks, and the downtime of Cloudflare.
It would appear if you use a VPN in Europe you can still access Cloudflare sites, I have just tried, for me the Netherlands, Germany, and France work, but the UK and USA don't.
EDIT: It would appear it is still unreliable in these countries, it just stopped working in France for me.
Cloudflare Dashboard/Clicky clicky UI is down. I really appreciate that their API is still working. Small change in our Terraform configuration and now I can go lunch in peace knowing our clients at skeeled can keep working if wanted:
resource "cloudflare_dns_record"
- proxied = true
+ proxied = false
No logging in to Cloudflare Dash, no passing Turnstile (their CAPTCHA Replacement Solution) on third-party websites not proxied by Cloudflare, the rest that are proxied throwing 500 Internal server error saying it's Cloudflare's fault…
Feels like half the internet is down.
Our doctor's office can't make appointments because their "system is down."
I am glad my personal site is not affected, what would I do without all those incoming traffic.
It's down here in Sydney as well. The status page hasn't been updated to reflect that
20% of websites worldwide are down.
I host everything on Linode (have for over a decade) and am never caught up in these outages.
Investigating - Cloudflare is aware of, and investigating an issue which potentially impacts multiple customers. Further detail will be provided as more information becomes available. Nov 18, 2025 - 11:48 UTC
Yeah, those multiple customers is like 70% of the internet.
I would love to see a competition for the most banal thing that went wrong as a result of this. For example, I’m pretty sure the reason my IKEA locker wouldn’t latch shut was because the OS had hung while talking to a Cloudflare backend.
Unfortunately it seems like it, our service has lost a portion of our Cloudflare connectivity. We use their tunnels functionality.
Additionally, it looks like Pingdom/Solarwinds authentication is affected too - not a great look for a service in that category.
Cloudflare runs a high demand service, and the centralisation does deserve scrutiny. I think a good middle ground I’ll adopt is self hosting critical services and then when they have an outage redirect traffic to a Cloudflare outage banner.
Meanwhile my Wordpress blog on DigitalOcean is up. And so is DigitalOcean.
My ISP is routing public internet traffic to my IPs these days. What keeps me from running my blog from home? Fear of exposing a TCP port, that's what. What do we do about that?
one way to mitigate DDoS is to enforce source IP checks on the way OUT of a datacenter (egress).
sure there are botnets, infected devices, etc that would conform to this but where does the sheer power of a big ddos attack come from? including those who sell it as a service. they have to have some infrastructure in some datacenter right?
make a law that forces every edge router of a datacenter to check for source IP and you would eliminate a very big portion of DDoS as we know it.
until then, the only real and effective method of mitigating a DDoS attack is with even more bandwidth. you are basically a black hole to the attack, which cloudflare basically is.
Time to consider alternatives: https://x.com/GithubProjects/status/1990804801811329329
We finally switched to CF a few weeks ago (for bot protection, abusive traffic started getting insane this year), finally we can join in on one of the global outage parties (no cloud usage otherwise, so still more uptime than most).
It is a relief that they hosted the status page on someone else's infrastructure.
This is worse than than the Amazon outage. I couldn't even login to Cloudflare.
Wow, with outage of a scale like this, it must be measurable as a loss in global GDP
I swear they all sleeping and that one guy on call is like "sheeeeet"...
Ironically, I was trying to access https://downforeveryoneorjustme.com/ at the time, which also went down due to Cloudflare.
It would have been ironic had this https://www.thewebsiteisdown.com/salesguy.html been hosted behind cloudflare.
Israel must be testing it's doomsday plans again
Wonder if the internet will soon be deleted.
Was back up for a moment ( within 5 minutes of being down), currently down again
https://www.cloudflarestatus.com/
even status page is giving 504 Gateway Timeout ERROR The request could not be satisfied. now in India
ChatGPT and Claude are down as a result, too.
Y'know, along with most other SAAS services.
ChatGPT and Perplexity AI are down, I was just about to try and use ChatGPT.
All trains are stuck in south of France for « broken signalisation ». Wonder how related this is.
Edit: it was related
https://www.laprovence.com/article/region/83645099971988/pan...
Edit2: They edited the article stating it wasn't related.
Wow, so much is down. Nothing Cloudflare protected is loading for me in Indiana, and the Cloudflare dashboard is broken as well.
I hope it gets resolved in the next hour or two, or it could be a serious problem for me.
This centralisation is worrisome. Single points of failures have always been a bad idea, especially when that point of failure is out of your control.
PS:Someone really doesn't want Gemini 3 to get air time today
Didn't have my site on cloudflare bc it would be faster for chinese users (its main demographic) so i THOUGHT i was fine for a second until i remembered the data storage api is behind cloudflare
Hey, this is fun, all my websites are still up! I wonder how that happened? I don't even have to worry about my docker registry being down because I set up my own after the last global outage.
Internet is down, I guess I'll just look out of the window for a bit
Probably a good time to contact the CEO of Cloudflare.
Looking forward to the post-mortem.
Is anybody keeping statistics on the frequency of these big global internet outages? It seems to be happening extremely frequently as of late, but it would be nice to have some data on that.
I discovered the problem by trying to access https://downforeveryoneorjustme.com/ ironically :)
This Internet thing is steadily becoming the most fragile surface attack out there. No need for nuclear weapons anymore, just hit Cloudflare and AWS and we are back to the stone age.
We're on the enterprise plan, so far we're seeing Dashboard degradation and Turnstile (their captcha service) down. But all proxying/CDN and other services seem to work well.
Came back up for a few minutes and has gone down again. https://www.cloudflarestatus.com has nothing.
Love that for them. Congrats on building such a re-centralized web!
Why are we seeing AWS, then Azure, then Cloudflare all going down just out of the blue? I know they go down occasionally, but it's typically not major outages like this...
Update: It seems to be back, the downtime lasted maybe 5-6 minutes
Down... "Please unblock challenges.cloudflare.com to proceed." On every Cloudflare hosted website that I try. This timing SUCKS.......... please resolve fast! <3
Ah! Well, all of my websites are down! I’m going to take screenshots and have it as part of my Time Capsule Album, “Once upon a Time, my websites used to go down.”
Yes, it impacted our services https://www.cloudflarestatus.com/
Most down-detectors are down due to their dependency on CF.
Cloudflare Mumbai, Bengaluru, Chennai, Hyderabad edge-nodes also unable to serve content.
x.com down.
Few quick-commerce apps are acting up at times.
You can't even turn off caching from Cloudflare because...the Cloudflare dashboard is down.
So everyone who's wrapped their host with Cloudflare is stuck with it.
Since when does critical infrastructure fail weekly?! One week is AWS, then azure + AWS, now cloudfare...
Time to go back to on prem. AWS and co are too expensive anyways
If someone wanted to learn about how the modern infrastructure stack works, and why things like this occur, where would be some good resources to start?
I'm really surprised by the sheer scale of how many websites this outage is affecting. We really need to decentralize all of these monolith clouds.
When this kind of thing happens it makes me feel better about my own programming problems.
I wonder if it has anything to do with the replicate.com purchase? Probably not.
I sometimes question my business decision to have a multi-cloud, multi-region web presence where it is totally acceptable to be down with the big boys.
Supabase is down bad too... need to work on my project!
Well that was quick. I saw a status saying server maintenance. And then it changed to “we’re looking into this” must’ve made an oopsie I suppose
ELON! GO AND KICK THOSE CLOUDFLARE ASSES!
or search a new job for yourself. Maybe digging to the earth core. Why? Idk. Because then you can say: I did it, or so.
CONTROL PLANE FAULT: CRITICAL SECURITY OVERRIDE enforced across us-east-1 and eu-west-2. ERROR CODE: STS.SecurityAuditLockout (403 Forbidden).
Glad to see things are actually working here! Also, my website (halomate.ai) is using CF too, and surprisingly, it's working fine as well
What is funny us that on their global status list for services, everything looks green except "network" that is "offline".
I started restarting my own servers thinking something went awry again, that's how much I usually trust them not to be down. Interesting.
Funny that their status page shows almost all locations “Operational” but they’re not. Are they updating the page manually and keep it green?
Like AWS I can't help but think we're going to get more and more of these as the tech industry continues to DOGE its workforce.
The privacy kingpin in india, has been caught and most of the network are affected. We will be resuming the servers from Sweden shortly.
https://www.cloudflarestatus.com - has been updated.
Looks like the status page is suffering too because it can't load jQuery:
(index):64 Uncaught ReferenceError: $ is not defined at (index):64:3
ChatGPT isn't working.
No suicides created by ChatGPT Today. Billions of dollars in GPU will sit idle. Sudden drop of Linkedin content...
World is a better place
Whenever I try collapse root threads on this page it locks up the browser for 5+ seconds.
Windows 11, latest Edge browser, 64GB of RAM, 13th Gen i7.
Back up for me now
Whole bunch of local South African sites are dead, with cloudflare http 500 errors. Can see Lisbon & Amsterdam crashing out.
Yep, got around 100 SMSs from our uptime monitoring service that our Cloudflare sites are down. Nothing much we can do but wait.
Just were talking about how Replicate might have better availability due to joining Cloudflare, and they too went down... Oops.
What a wild ride, the traffic to my site is more akin to a rollercoaster. Got better for a few mins and then fell back apart.
Its ironic that downdetector is down as well..
This one is bigger than the AWS East outage...
Lots of valid concern about us all using CF, but is their an alternative to their WAF that isn't enterprise expensive?
Keeps going up and down for me, I cant access DownDetector to check. The first website I noticed it on was Blender Artists.
Yes, all sites are down. Getting a 500 error from India.
Update: Looks like the issue has been resolved now. All sites are operational now.
Gemini and other agents are now failing when they search for something on the web. ChatGPT can't even be accessed.
I wish the "pause CF" button would work via API or via any other way, even if there is an outage like this.
Insane, my website https://geddle.com totally down
Well it was bound to happen eventually, the "Down Roulette" has decided it should be Cloudflare this week!
Cloudflare is the real backbone of the internet in 2025. It should be a globalized property like ICANN or something
just yesterday cloudflare announced it was acquiring replicate (ai platform) "the Workers Platform mission: Our goal all along has been to enable developers to build full-stack applications without having to burden themselves with infrastructure" according to cloudflare's blog, are we cooked?
I was reading up on home lab server racks, and every single site is down with a Cloudflare error. So much for DIY!
makes you realise, if cloudflare or one of these large organisations decides to (/ gets ordered by a deranged US president to) block your internet access, that's a whole lot of internet you're suddenly cut off from. Yes, i know there are circumventions, but its still a owrrying thought.
Email workers of all things seem to have slowed down dramatically, although they're not down completely.
I'm genuinely curious how much of the web depends on cloudflare and AWS. This centralisation sucks though
Took down both Twitter and Rateyourmusic. This is a targetted attack against me specifically and nobody else
Garmin site not working for example, and they removed the export option from the mobile application though.
I would love to be a bee on the wall in the room where Cloudflare response engineers are working right now.
Well, was reading the docs for Express, and shouted wtf a couple of times, before seeing this post on HN.
Ironically, cloudflare.com is not down.
Time to check Hacker News instead of work. Even my usual procrastination websites are down due to this.
ChatGPT was down so I couldn't work, go to lichess, turns out, it's down too now what do i do?
Some CDNs are down too, for example cdn.tailwindcss.com And apparently I can't log into Hackernews?
https://hacked.stream/
We really do have two surprise holidays every year: AWS Day and Cloudflare Day. Happy outages, everyone.
Looks like it. Even sites like isup.me seem to be down, lots of cloudflare error messages across the net
For some reason linear.app is working but according to their headers they should be behind Cloudflare.
Anyone seeing a link between AI-generated infra code and this year’s wave in popular service outages?
is there any way to get past challenges.cloudflare.com with tokens or something?
so stupid there is no fallback and can take down 50% of the internet
adding:looks like even Cloudflare's Silk Privacy Pass with challenge tokens is broken
such a great idea to put half the web behind a single fail point without fallover
It’s been 45 minutes and I’m already looking forward to the day Kevin Fang makes a video about this
Suddenly feeling better about our 99.9% uptime SLA.
When even Cloudflare goes down, nobody can blame the little guys.
Maybe this incident will make people rethink putting Cloudflare blindly in front of every website.
X is down, and many many other sites. This is not the web I grew up on. Do not centralize people.
Funny enough, it happened on the same day that AWS CloudFront launched their flat-rate plans!
This is reason 1, 2 and 3 on my "Top 3 Reasons to not Put All Eggs in One Basket" list.
It's interesting to see hacker news response time reaching almost 2 seconds for this post.
Almost every site I'm trying to connect to is down. The internet is way too centralized.
Things seem to be coming back up... been almost 45 minutes, since my first alert came at 0836
I was using Cloudflare WARP; had to turn it off to access most of the websites i visit daily.
Not affected using tunnels, CDNs.
it's probably related to the recent ddos attacks they helped mitigating.
They offer a great service for now, i hear.
Unfortunately, that means they can also break 75% of the internet.
How come cloudflare.com is still working, do they not trust their own orange proxy service?
Update: Cloudflare has announced they will be sacrificing their CEO at the alter in penance
Such a shame though. I wonder how long it's going to take before they bring it back up
Cloudflare issue is due to latency in DDOS errors.
>cups.servic
>foomaticrip
Form a [cerulean] type-font in the page-source.
And here I was wondering why my website shut down & why I couldn't tweet about it
Singapore is down as well in Asia
OK, it seems to be working again.
I learned from reliable sources about a denial-of-service attack; everything went down.
I can't even load the dashboard to change to "DNS only". Nothing to do?
I can't rebuild my NixOS image because of this lol. (chrome install not working)
Poland. Most of the popular sites are down. Including community forum on Cloudflare.
Crazy to think that it's apparently acceptable to centralize the web like that.
I've been waiting for hours, it looks like I can finally take a day off today.
Seems like coudflare activated the maximum llm-scraper-bot-protection for everyone.
API still seems to work if you already have a script to hand to unproxy everything.
Just when I was assigned a task yesterday but decided to do it today early morning.
Cloudflare captchas don't work, which has taken down both Claude and Perplexity for me.
Lovely.
Even Twitter is down. Most of my customers are shouting at the top of their head!
Has anyone else noticed a major drop in email spam with this cloudflare outage?
Cloudflare's own status page is not responding. I guess it's down too?
All Cloudflare websites are down!!!! When will it get fixed? I dont have time.!!
For fun, I asked google what's an alternative to Cloudflare. It says, "A complete list of Cloudflare alternatives depends on which specific service (CDN, security, Zero Trust, edge computing, etc.) you are replacing, as no single competitor offers the exact same all-in-one suite"
I think Companies are firing wrong people that we get these downtimes so often.
Ukraine. Sporadic outages as well. Error pages blame Cloudflare Warsaw servers.
So it begins. Now is the time to banish the evil presence from the internet. :D
These big cloud providers are turning into giant off-switches for the internet
I’m glad I have kindle in my bag today. Websites down but not much we can do.
Browser Working, Portland Cloudflare Error, apps.ideal-logic.com Host Working
80% of web sites I visited in last 15 minutes are not available anymore, LOL
Probably the IDF trying a mass network attack to go and Occupy the Holy See
Even downdetector is down, I can't get through the Cloudflate captcha.
Even downdetector is down, I can't get through the Cloudflate captcha.
The whole damn internet now depends on them. I guess I am bullish for $NET
So do we have a guarantee that posts are not made by AI for a few minutes?
Cloudflare fully down for me and my team, half of internet just vanished
Still ongoing. Some requests going through. Some get the cf error page.
at least https://xprice.ro is up, dont know how and why cuz we use cloudflare and we're hosting in germany/hetzner
i use checklyhq.com for my website status page and those are down as well...
https://sexyvoice.checkly-dashboards.com
What are the odds this is a human configuration error related to DNS?
Saw cloudflare go down before my very eyes on colonist.io in Australia
Off topic, but the 500 page from prusa3d is quite good:
https://www.prusa3d.com/
https://imgur.com/a/OW5KL8r
used a down-detector site to check if cloudflare is down, but the site is running on cloudflare, so i couldnt check if cloudflare was down for anyone else, because cloudflare was down
I was reading some novels today and then Bam! a cliff hanger now...
What is happening to cloudflare, anybody knows? Everything is down!
It's outrageous that it hasn't been fixed since 2 hours
Even twitter is gone. Where will I post memes mocking cloudflare?
World infrastructure is taking a hit. First us-east and now this.
If a cloud vendor with 1 million users experiences a long term outage: the vendor has a serious problem. If a cloud vendor with 1 billion users experiences a long term outage: the internet has a serious problem. Yada-yada-yada xkcd/2347 but it's the big block in the middle which crumbled
Seems to work again. 40min downtime for many services it seems.
For cf tunnel alternatives are available, I maintain pinggy.io
Dallas CF is down, so basically every app and website is down.
Seems like the merging with Replit didn't work so well :p
I tried to go to Downdetector before coming to Hacker News...
Would be funny if it was a record breaking ddos on cloudflare
This is a nightmare situation, we can't get in anywhere
AWS, then Azure, now Cloudflare. Welcome to the AI era. Meanwhile my hetzner vServer has been running for three years without issues.
Waking up in East coast USA to all sites being down, yay...
Our company is loosing money with every second of downtime.
The Eastern Herald news website is down. Easternherald.com
It also took chatgpt and claude , trying to access from pk
even the famous applications like Chatgpt, x.com are down
why do I always get "Server Error" and not an explanation that Cloudflare is having problems? This makes me look bad in front of my customers.
https://news.ycombinator.com/user?id=jgrahamc
>I was Cloudflare's CTO.
A gentle reminder to not take any CF-related frustrations out on John today.
Is it me or do these outages happen pretty often lately?
When's the last time Cloudflare had such an outage?
Same problem here in Italy. Website up and down again.
I’m assuming hard rock (bet) is run by cloudflare also
My static website hosted on cloudflare works :/
is anyone's hackernews lagging when loading the comments? ive seen posts with 2k comments before but for some reason this took longer
Also seeing this on my websites hosted on cloudflare
Third time's the charm? Seems more stable now.
It’s down worldwide practically, in the US,UK,NZ,AU
Did something happen to the Cloudflare lava lamps ?
More proof that central planning doesn't work
it's funny I first noticed this visiting a random blog, then went on X and got the same error... is Cloudflare the Internet now?
Getting a 500 error from cloudflare in Manchester
Whats peoples bets on the root cause of this...?
Even pornhub is down becuase it use cloudflare.
Couldn't work. Fuckin' cloudflare . Feels like 25% of the Internet is down.
Im going home. Time for a beer .
Greetings from germany
Just when the eastern cities are waking up too.