Huge Cloudflare outage has taken down X, OpenAI, Downdetector

px_eliezer_ · 2025-11-18T13:25:01+00:00

Web users are facing the latest in a string of web outages amidst technical issues at Cloudflare. Users first began reporting issues at around 11.30am UK time (06.30am EST), and a host of popular websites have been affected by the incident. Social media platform X, as well as Canva and OpenAI are among those caught up in the outage so far. Meanwhile, players on online games such as League of Legends and Valorant have also encountered difficulties…. https://www.itpro.com/infrastructure/a-massive-cloudflare-outage-has-taken-down-x-and-openai-and-even-bricked-outage-tracker-site-downdetector (Posting in Main forum because this affects a big cross-section of people, not just one area).

Heat84

broknsymetry A Cloudflare spokesperson said the company observed a “spike in unusual traffic” to one of its services around 6:20 a.m. ET, causing some traffic passing through its network to experience errors.

🤣

Heat84

Indeed.com is working again.

I guess the aliens were looking for a job to use as a front for their invasion.😛

Thane_Bitter

bennor So many words that say nothing but equate to “we f’d up bad, but we don’t care because you don’t have a choice”

Stembolt

https://techcrunch.com/2025/11/18/cloudflare-blames-massive-internet-outage-on-latent-bug/

“In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack,” Knecht wrote, referring to a bug that goes undetected in testing and has not caused a failure.

Heat84

Stembolt “In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack,” Knecht wrote, referring to a bug that goes undetected in testing and has not caused a failure.

A likley story. The mothership is cloaked in orbit or on the darkside of the moon.

🤣

Guy54435

Don’t know if this was related but yesterday starting early afternoon I needed to switch my DNS from Cloudflare to another provider . Moving around page to page was pretty slow as well as site to site, not seeing that this afternoon.

Somewhat-Reticent

Heat84 designed to stop the bad ~~guys~~ bots

HELLFIRE

Amazon AWS – https://broadbandbulletin.com/d/6038-major-outage-at-aws-affected-many-sites-recovery-underway

MS Azure – https://broadbandbulletin.com/d/6189-dns-outage-impacts-azure-and-microsoft-365-services/

IBM Cloud – https://broadbandbulletin.com/d/6228-ibm-cloud-is-experiencing-a-quantum-computer-outage

…now Cloudflare. There a “hold my beer and watch this” amongst the major infra providers we don’t know about? Looking forward to Cloudflare’s own postmoretem on this…

And kudos again to @px_eliezer_ for this banger 🤣 🤣

Computer Located Outside User Domicile.

Regards

HELLFIRE

HELLFIRE Looking forward to Cloudflare’s own postmoretem on this…

Looks like Cloudflare came through : https://blog.cloudflare.com/18-november-2025-outage/

… Instead, it was triggered by a change to one of our database systems’ permissions which caused the database to output multiple entries into a “feature file” used by our Bot Management system. That feature file, in turn, doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network. … The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail. …

Remediation and follow-up steps
Hardening ingestion of Cloudflare-generated configuration files in the same way we would for user-generated input

Enabling more global kill switches for features

Eliminating the ability for core dumps or other error reports to overwhelm system resources

Reviewing failure modes for error conditions across all core proxy modules

Regards

Somewhat-Reticent

HELLFIRE Steps taken, or TBD?

HELLFIRE

https://krebsonsecurity.com/2025/11/the-cloudflare-outage-may-be-a-security-roadmap/ – The Cloudflare Outage May Be a Security Roadmap

… Turner said Cloudflare’s WAF does a good job filtering out malicious traffic that matches any one of the top ten types of application-layer attacks, including credential stuffing, cross-site scripting, SQL injection, bot attacks and API abuse. But he said this outage might be a good opportunity for Cloudflare customers to better understand how their own app and website defenses may be failing without Cloudflare’s help. …

Regards

Stembolt

https://www.androidauthority.com/cloudflare-down-december-2025-3622495/

Dks01

Stembolt That explains the 30 second delay on Chrome loading the first web site.

GeekGirl1

It’s clickbait. Here’s an update to the description direct from Cloudflare: Cloudflare System Status

Cloudflare Service Issues
Resolved - This incident has been resolved.

A change made to how Cloudflare’s Web Application Firewall parses requests caused Cloudflare’s network to be unavailable for several minutes this morning. This was not an attack; the change was deployed by our team to help mitigate the industry-wide vulnerability disclosed this week in React Server Components. We will share more information as we have it today.
Dec 5, 09:20 UTC
Update - We are continuing to monitor the results.
Dec 5, 09:19 UTC
Monitoring - A fix has been implemented and we are monitoring the results.
Dec 5, 09:12 UTC
Update - We are continuing to investigate this issue.
Dec 5, 09:09 UTC
Investigating - Cloudflare is investigating issues with Cloudflare Dashboard and related APIs.

Customers using the Dashboard / Cloudflare APIs are impacted as requests might fail and/or errors may be displayed.
Dec 5, 08:56 UTC

px_eliezer_

GeekGirl1 It’s clickbait.

I really would not call it clickbait when it took down sites all over the world*, seemingly more than just a few minutes in many cases.

*(John Lennon wished to imagine that “the world will live as one” and in a sense his goal was achieved).

As well, scheduled maintenance is not acceptable anymore as an excuse, especially because they should have been extra careful due to the other recent outage.

It contnues to be ironic that “Down Detector” was once again—down.

THAT site should have a backup provider.

InternetJeff

Seems like Cloudflare controls too much of the internet. I think there’s a fix for that.

Stembolt

Cloudflare blames today’s outage on emergency React2Shell patch

Critical React2Shell flaw actively exploited in China-linked attacks

HELLFIRE

That an “Ooops!” or an “Aww S**T!” moment? Asking for a friend 🤣 🤣 🤣

Regards

InternetJeff

Welp, in light of the outage it seems that some sites have temporarily turned off their Cloudflare filters, and I was able to log into a couple sites without having to deal with that problematic Cloudflair turnstile that you have to do a kabuki dance with by switching to incognito mode and back, modifying your browser user agent, etc. It was so smooth without that gunk, it was like logging into a site 15 years ago. Those sites will probably re-enable that garbage as soon as it’s “fixed”. Belch. 🤮

Stembolt

InternetJeff Those sites will probably re-enable that garbage as soon as it’s “fixed”.

The reason most sites use CloudFlare is to protect themselves from Denial of Service attacks and other security vulnerabilities. Malware bot-nets make it relatively easy for hackers to launch large scale attacks at websites.

InternetJeff

Stembolt The reason most sites use CloudFlare is to protect themselves from Denial of Service attacks and other security vulnerabilities. Malware bot-nets make it relatively easy for hackers to launch large scale attacks at websites.

I thought captchas were supposed to stop bots and automated attacks. That infernal turnstile errors out half the time, and you have to do the aforementioned kabuki dance. If I can get in by manipulating incognito mode and my user agent, how hard is it for a bot to get in doing the same? No rhyme, no reason.

And, FWIW, one you’ve logged in and proven you’re human from your IP address, that IP address should be whitelisted for some period of time and allowed to bypass the gonk.

There are some sites I’ve just blacklisted on my end for their overly ~~aggressive~~ paranoid practices.