Cloudflare Outage: How a Small Change Took Down Thousands of Websites Worldwide

Yousef Nasr
Yousef Nasr11/20/2025
Cloudflare Outage: How a Small Change Took Down Thousands of Websites Worldwide

If you regularly use platforms like X (formerly Twitter), ChatGPT, or browse different websites every day, you might have noticed something strange recently:
many popular websites suddenly stopped working.

At first, the question is obvious:
“Is my router broken? Did my internet package run out?” 🤔

The answer?
No 😌 — the problem wasn’t on your side.

A Global Issue, Not a Local One

More than 11,000 devices worldwide reported failures while trying to access various websites.
Even more surprising, DownDetector — the website people use to check outages —
was itself unavailable 😅

That was a clear sign that this was a global infrastructure problem, not a single website failure.

The Real Cause: Cloudflare

The outage was caused by an issue at Cloudflare, one of the largest internet infrastructure companies in the world.

Cloudflare is not just a hosting provider.
It acts as a gateway for thousands of websites by:

  • Protecting them from cyberattacks
  • Blocking malicious bots
  • Improving performance and reliability

In simple terms:
When Cloudflare goes down, a large part of the internet feels it.

Was It a Cyberattack? 🤔

The most common assumption was that this was a cyberattack.

But the truth is:
It wasn’t.

What happened was actually more unexpected.

What Happened Technically?

Here’s what went wrong:

  • A Cloudflare employee modified database access permissions
  • This caused a massive number of entries to be added to a file called a Feature File
  • That file is used by an internal management bot to track potential threats

The problem:

  • The file size increased dramatically
  • It was automatically distributed to Cloudflare servers worldwide
  • The server software could not handle the sudden file size
  • Result:
    A complete system crash 😵‍💫

One Small Change, Massive Impact

No hacking
No botnet
No malicious attack

Just one small configuration change that:

  • Took down thousands of websites
  • Disrupted global services
  • Made users question their own internet connection

This Isn’t the First Time

If this scenario sounds familiar, that’s because it already happened before.

Recently:

  • Amazon Web Services (AWS) experienced a similar outage
  • A minor system update contained a critical flaw
  • Thousands of projects relying on AWS were affected

The Key Lesson

Not every server failure is caused by hackers.

Sometimes the real reasons are:

  • A faulty update
  • A misconfigured permission
  • An automated process running at the wrong time

And in some cases:

  • A junior engineer making a mistake
  • A spilled cup of coffee ☕
  • Or even a fire in a data center 🔥

Mish Hackers

©2026 MSH Hackers SCU. All Rights Reserved.

Cloudflare Outage: How a Small Change Took Down Thousands of Websites Worldwide