Cloudflare is the silent backbone of a significant chunk of the modern internet. It sits invisibly between users and millions of websites, handling everything from content delivery and DDoS protection to DNS resolution and bot filtering. On a good day, you never even know it’s there. On a bad day a really bad day and it takes a third of the internet down with it.
Over the past 18 months, Cloudflare has experienced a string of high-profile outages, each one a case study in how quickly a single misconfiguration can cascade across a globally distributed network. The November 2025 Bot Management crash. The February 2026 BGP route withdrawal that wiped 1,100 customer IP prefixes from the internet for over six hours. Each incident followed a similar pattern: a change deployed at speed, a flaw that wasn’t caught in testing, and millions of users suddenly staring at error pages.
This guide is built for two audiences. If you’re a developer or site owner trying to figure out whether Cloudflare is down right now, you’ll find a step-by-step diagnostic checklist, a breakdown of every error code, and a live-status reference within the first few sections. If you want to understand why these outages keep happening and the technical root causes, the architectural decisions behind them, and what Cloudflare is doing to fix it and the deeper sections cover exactly that.
By the end of this page, you’ll know how to tell a Cloudflare outage apart from your own server problems in under 60 seconds, what to communicate to your customers while you wait for resolution, and how to set up alerts so you’re never caught off guard again.
1. Current Cloudflare Status
Cloudflare is currently reporting multiple active incidents. The official status page at cloudflarestatus.com lists every component CDN, DNS, Workers, Zero Trust, Access and whether each is operational, degraded, or fully down. You can subscribe to real-time alerts via email, PagerDuty, or webhooks.
2. What Happened? Root Causes Explained
When people search ‘Cloudflare down again,’ they’re usually reacting to one of a small number of recurring failure modes. Below is a plain-English explanation of each recent incident.
November 18, 2025 The Bot Management Crash
A routine change to database permissions on an internal ClickHouse cluster caused a query to return duplicate rows. This bloated a machine-learning feature file used by Cloudflare’s Bot Management system until it exceeded a hardcoded memory limit, causing the core proxy software to panic and crash globally.
Impact: HTTP 500 errors across one-third of the top 10,000 websites. Even Downdetector went down.
Duration: ~5.5 hours (11:17 UTC after 17:00 UTC)
Severity: CRITICAL
| Time (UTC) | Event |
| 11:17 | Cloudflare services begin to fail globally |
| 11:30–13:30 | Websites and APIs worldwide become slow or unreachable |
| 14:00–16:00 | Network teams roll out fixes and configuration rollbacks |
| 16:55 | Global services gradually return to normal |
| After 17:00 | Most affected sites recover fully |
December 5, 2025: The WAF Configuration Cascade
Engineers pushed a WAF (Web Application Firewall) configuration change to patch a vulnerability in React Server Components. The update accidentally changed how the WAF parsed incoming HTTP requests, causing roughly 28% of all HTTP traffic behind Cloudflare to be affected for approximately 25 minutes before the change was rolled back.
Duration: ~25 minutes
Severity: CRITICAL
February 20, 2026: The BGP Route Withdrawal
A bug in Cloudflare’s BYOIP (Bring Your Own IP) pipeline caused the unintentional withdrawal of approximately 1,100 customer IP prefixes from the global internet via BGP. Affected businesses suddenly found their entire internet presence had vanished.
Duration: 6 hours 7 minutes their longest recent outage
Cause: Not a cyberattack; confirmed internal configuration bug
Severity: CRITICAL
May 5, 2026: DNSSEC Signing Failure (.de Domains)
Germany’s domain registry DENIC published broken DNSSEC signatures for the entire .de top-level domain, making millions of German websites unreachable. Cloudflare responded by temporarily disabling DNSSEC validation for .de domains on its 1.1.1.1 resolver a sanctioned emergency measure under RFC 7646. This was an external failure, not caused by Cloudflare.
Severity: MINOR (external cause)
3. Which Websites & Services Are Affected?
Because Cloudflare acts as an invisible layer between users and millions of websites, a single failure ripples outward to an enormous number of services. During recent outages, confirmed affected platforms included:
| ✓ X (Twitter) | ✓ ChatGPT / OpenAI |
| ✓ Spotify | ✓ Canva |
| ✓ Zoom | ✓ Coinbase |
| ✓ Downdetector | ✓ Grindr |
| ✓ League of Legends | ✓ Shopify Stores |
| ✓ Claude (Anthropic) | ✓ Letterboxd |
Note: These websites were NOT directly broken their own servers were fine. The failure happened at the Cloudflare layer sitting in front of them. This is why error pages show Cloudflare branding rather than the site’s own design.
4. Cloudflare Outage History 2025–2026
The pattern across these incidents is striking in most cases, failures were caused by configuration changes that propagated too quickly without sufficient testing gates.
| Date | Duration | Root Cause | Severity |
|---|---|---|---|
| Feb 6, 2025 | ~2 hrs | R2 object storage outage; dependency failure | MAJOR |
| Mar 21, 2025 | 1 hr 7 min | Credential rotation error; deleted production keys | MAJOR |
| Jun 12, 2025 | 2 hrs 28 min | Third-party cloud provider backing Workers KV failed | CRITICAL |
| Jul 14, 2025 | 62 min | Service topology change broke 1.1.1.1 DNS resolver | MAJOR |
| Sep 12, 2025 | ~1 hr | Dashboard and APIs unavailable; partial network issues | MINOR |
| Nov 18, 2025 | ~5.5 hrs | Bot Management feature file crashed proxy globally | CRITICAL |
| Dec 5, 2025 | ~25 min | WAF config change broke HTTP request parsing | CRITICAL |
| Feb 20, 2026 | 6 hrs 7 min | BYOIP pipeline bug withdrew 1,100 BGP prefixes | CRITICAL |
| Apr 3, 2026 | 54 min | Sites and Services CDN layer degraded performance | MAJOR |
| May 5, 2026 | Ongoing | DNSSEC signing failure at DENIC registry (.de TLD) | MINOR |
5. Cloudflare Error Codes Explained
Understanding Cloudflare error codes helps you quickly determine whether the problem is on Cloudflare’s side or your own server.
| Error | Name | Meaning | Likely Cause |
|---|---|---|---|
| 500 | Internal Server Error | Cloudflare’s network is failing to process the request | Cloudflare-side during a major outage |
| 502 | Bad Gateway | Cloudflare received an invalid response from origin | Could be Cloudflare or your server |
| 520 | Unknown Error | Origin server returned an unexpected response | Usually caused by the origin server |
| 521 | Web Server Is Down | Cloudflare cannot connect to the origin server | Your server is offline or unreachable |
| 522 | Connection Timed Out | Connection between Cloudflare and origin timed out | Origin server overloaded or offline |
| 524 | Timeout Occurred | Server did not respond in time after Cloudflare connected | Slow or overloaded origin server |
| 1020 | Access Denied | A Cloudflare firewall rule blocked the request | Misconfigured WAF or security rule |
Tip: During a widespread Cloudflare outage, you’ll most commonly see Error 500 or 502 with Cloudflare’s own branded error pages. Errors 521, 522, and 524 more often indicate problems with your own hosting server.
6. What To Do Right Now: Step-by-Step Guide
- Confirm it’s Cloudflare, not your server visit cloudflarestatus.com. If any component shows ‘Degraded Performance’ or ‘Partial Outage,’ do not touch your server settings yet.
- Check downdetector.com for user reports. A sharp spike in reports within 30–60 minutes confirms a live outage.
- Notify your team immediately so they know the issue is external. This prevents wasted hours debugging internal systems.
- Post a status update for your customers: ‘We are experiencing issues due to a third-party provider (Cloudflare) outage. Our systems are operational.’
- If you’re a Cloudflare BYOIP customer, check your IP prefix advertisements and manually re-advertise if needed from the dashboard.
- Wait for resolution. Do NOT disable Cloudflare mid-outage this exposes your origin server to DDoS.
- After resolution: read Cloudflare’s post-mortem at blog.cloudflare.com. Set up status alerts and review your failover architecture.
7. Is It Cloudflare or Your Own Website?
| It’s Cloudflare If… | It’s Your Website If… |
| The error page has Cloudflare’s branding | Only your website is down |
| Multiple unrelated websites are also down | The error is 521, 522, or 524 |
| cloudflarestatus.com shows an active incident | Cloudflare’s status page shows all green |
| Social media reports widespread outages | Your hosting panel shows server errors |
| Your origin server responds fine when pinged directly | Recent deployments coincide with the timing |
60-Second Test: Visit downforeveryoneorjustme.com and enter your URL. Then open cloudflarestatus.com. If the first says ‘It’s not just you’ AND Cloudflare shows an incident — you have your answer.
8. How To Get Alerted for Future Outages
Official Cloudflare Notifications
Log into your Cloudflare dashboard → Notifications → subscribe to Cloudflare Status alerts. Receive updates via email, PagerDuty, or webhooks. Free for all plan levels.
Third-Party Monitoring Tools
Services like Statusfield, Better Uptime, and UptimeRobot monitor Cloudflare’s public status API and alert you the moment any component changes.
Cloudflare Status API / RSS
Cloudflare exposes a public API at cloudflarestatus.com/api returning live JSON data. Engineering teams can integrate this into internal dashboards or Slack channels.
Pro Tip: Create a dedicated Slack channel (e.g. #third-party-incidents) and route Cloudflare status webhooks there. Pair it with a pinned ‘what to do during Cloudflare outage’ runbook in the same channel.
FAQ’s
Q: Is Cloudflare down right now in 2026?
As of May 2026, Cloudflare has active incidents including a Bot Management issue (May 5) and a DNSSEC signing problem for .de domains. For real-time status, visit cloudflarestatus.com.
Q: Why does Cloudflare keep going down?
Most outages since 2025 have been caused by configuration changes that propagated too quickly. Cloudflare’s Quicksilver system can push changes to 90% of its global fleet in seconds — excellent for performance, but catastrophic when the change contains a bug. Cloudflare has launched a ‘Code Orange: Fail Small’ initiative for safer staged rollouts.
Q: How long does a Cloudflare outage typically last?
Minor degradations resolve within 25–60 minutes. More serious outages like the November 2025 Bot Management crash lasted over 5 hours, and the February 2026 BGP incident lasted over 6 hours.
Q: Is the Cloudflare outage a cyberattack or DDoS?
No. All major Cloudflare outages in 2025 and 2026 were caused by internal configuration errors, software bugs, or third-party infrastructure failures. Cloudflare has explicitly confirmed in each post-mortem that the outages were not caused by cyberattacks.
Q: What websites go down when Cloudflare has an outage?
Any website using Cloudflare for CDN, DNS, DDoS protection, or WAF can be affected. During the November 2025 outage, confirmed affected services included X (Twitter), ChatGPT, Spotify, Canva, Zoom, Coinbase, League of Legends, and Downdetector itself. Estimates suggest roughly one-third of the world’s top 10,000 websites showed errors at peak.
Q: Can I bypass Cloudflare if it goes down?
In most cases, no not safely. Bypassing Cloudflare exposes your origin server’s real IP address, removing DDoS protection and firewall rules. Unless you have a pre-tested failover configuration, wait for resolution. Exception: BYOIP customers can manually re-advertise prefixes during certain outage types.
Conclusion
Cloudflare is a cornerstone of modern internet infrastructure keeping millions of websites faster, safer, and available. But as the past 18 months have shown, even the most mission-critical infrastructure is vulnerable to the cascading effects of a single bad configuration change pushed at internet scale.
The most important thing when Cloudflare goes down: don’t panic, don’t touch your server, and confirm the issue is external before spending hours debugging your own code. Use cloudflarestatus.com as your single source of truth.
Cloudflare’s ‘Code Orange: Fail Small’ initiative and new tooling (Snapstone, Engineering Codex) represent a serious commitment to staged rollouts and safer deployments. In the meantime — set up your status alerts, build your runbook, and stay informed.
