An New massive outage on the Cloudflare network This morning, millions of users worldwide were once again left without access to websites and digital services. The outage, which began early Friday morning, particularly affected Europe and Spain, where numerous platforms displayed loading errors and failure messages for several minutes.
The problems began to be noticed around the 09:45-10:00 (Spanish Peninsular Time), when websites of all kinds — from social networks to online banking or artificial intelligence tools — began returning messages such as "500 Internal Server Error", "Bad Gateway" or simply remaining blank without loading.
What went wrong at Cloudflare and why was it so serious
According to the company's official status page, the incident originated in its dashboard and several internal APIsA change in the protection system WAF (Web Application Firewall)The system, deployed to reinforce security, was the trigger for the failure that ended up affecting a significant part of its global network.
Cloudflare explained that the modification was aimed at mitigate a vulnerability detected this week in React Server Componenta technology used by many modern websites. However, the adjustment introduced unexpected behavior in the way the WAF parses requests, which degraded the availability of its infrastructure for several minutes.
During the peak of the fall, the official company data They indicate that the dashboard and its APIs experienced a very high level of unavailability and that around a 15% of global traffic was degradedAlthough the CDN network—the part responsible for distributing content—and many security features in the edge They remained standing; the practical impact on millions of websites was evident.
These types of incidents demonstrate the extent to which an internal failure in the infrastructure of a single provider This can translate, in a matter of seconds, into widespread errors for users who don't even know they depend on that company.
Platforms and services affected: from social networks to digital banking
Throughout the morning, users from different countries have been reporting on social media and incident portals that Many services stopped functioning normallyIn Spain and the rest of Europe, problems have been observed in:
- Social networks and professional servicesLinkedIn has experienced outages and slowness, with pages that failed to load completely.
- Creative and work toolsCanva and Zoom have experienced intermittent errors, affecting both individual users and businesses.
- Video games and entertainment platforms: titles like Fortnite They have reported connection difficulties, with interruptions in games and online services.
- Digital banking and financial servicesAccess failures have been detected in the online banking of entities such as CaixaBank and Bankinterboth on the web and in mobile applications.
- Online stores and e-commerce: businesses like MediaMarkt, Decathlon or Vinted They have had loading problems on their portals.
- Delivery and consumption platformsServices like Deliveroo have operated erratically during the most critical period.
- Artificial Intelligence Tools: widely used services, such as ChatGPT, Claude, Perplexity or Gemini, have suffered partial or total interruptions.
The situation has become so striking that even Downdetector, the portal specializing in monitoring fallsIt has shown errors and failure messages because it also relies on Cloudflare's own network. Something similar has happened with other websites that, using the service as an intermediary layer, saw their pages display warnings "signed" by the CDN platform itself.
In many cases, users have encountered error screens indicating that The request could not be processed correctly due to a problem in the intermediation system, even though the final servers of the affected companies remained powered on and operational.
Beyond the well-known big brands, thousands of corporate portals, small shops, digital media, and internal business services They have been affected by the incident, with intermittent failures that have subsided as Cloudflare rolled out the fix.
Service outage and restoration times
The first clear signs of trouble began shortly before 09:45 hours in Spainwhen different platforms began to fail almost simultaneously. On its status page, Cloudflare confirmed that at 08: 56 GMT He was "investigating issues" in the dashboard and associated APIs.
Towards the 09:20-10:12 (peninsular time)The company announced that it had already implemented a solution and that the system was entering a phase of close supervision and monitoring. From that point on, many services began to recover gradually.
In Spain, numerous users have indicated that the most severe disruption It lasted about 45 minutesAlthough some sites continued to experience isolated problems for a while longer. Globally, Cloudflare has reported an impact on several minutes of strong impact for a significant percentage of global traffic.
The company has indicated that, shortly after 9:20 GMTThe service was already functioning normally on the main network, although technical monitoring was maintained to ensure that no lingering effects from the outage remained. A more detailed report with the internal analysis of the incident is expected to be published later today.
Meanwhile, organizations that depend on these services —from from banks to e-commerce platforms— they had to go through their critical applications one by one to confirm that everything was operational again.
Cloudflare, a key piece of the Internet infrastructure
To understand the scope of these types of outages, it's helpful to remember exactly what role Cloudflare plays in the network. The company offers cloud services that act as intermediaries between users and websites: speeds up content loading, protects against attacks, and helps manage data traffic.
One of its pillars is the content delivery network (CDN)Cloudflare replicates copies of websites and resources on servers distributed around the world. This way, when someone visits a page, they don't always access the company's original server, but rather the nearest Cloudflare node, reducing latency and improving loading speed.
In addition to this, it also functions as security shieldThe system filters traffic, detects attack attempts, blocks malicious patterns, and applies rules to protect web applications. The WAF, precisely the component that has caused today's problem, is the part that It analyzes requests before they reach the final servers.looking for suspicious behavior.
Cloudflare claims to support tens of millions of websites and manage a volume that exceeds 20% of global internet traffic. This magnitude explains why, when its infrastructure is affected, the consequences are felt from social networks and AI services to payment platforms or digital banking.
This model, which allows many companies to reduce costs and gain efficiency, has its downside: When the central provider fails, the impact multiplies.This has also been seen recently with the disruptions of other giants such as Amazon Web Services (AWS) or Microsoft Azure.
It wasn't a cyberattack: the company's official version
From the very beginning, Cloudflare has wanted to make it clear that It was not a cyberattackIn statements published on its website and support account, the company insists that the origin was a internal change deployed by his own team, intended to improve security.
Specifically, the adjustment affected the way in which the Web Application Firewall analyzes requestsThe objective was to strengthen protection against a An industrial-scale vulnerability was discovered this week in React Server Component, technology on which many modern applications rely.
The modification, however, caused a unforeseen side effect which ended up impacting the availability of part of the network. According to the company itself, the change caused certain legitimate requests to be handled incorrectly, generating 500 errors and cascading failed responses.
In its public message, Cloudflare explained that The bug fix has already been deployed and that its systems are under review to prevent further incidents. The company has also promised a detailed report in the coming hours, following its usual policy of transparency after global incidents.
The official clarification has served to dispel suspicions of cyberattack or external intrusion, a hypothesis that usually arises quickly when such a relevant player in the Internet infrastructure fails.
Second major disruption in just a few weeks
Today's episode arrives just weeks after another massive drop, recorded on November 18, when a different problem in Cloudflare's internal systems took popular services such as X in SpainChatGPT, Canva, Spotify, Movistar and other major platforms.
That day, the company attributed the incident to changes to your database permissions system, also of internal origin, and announced a set of measures to prevent something similar from happening again: strengthening controls on the loading of configurations, strengthen emergency mechanismsto reduce the possibility of error reports saturating resources and to review the failure modes of its modules proxy central.
Friday's new outage, although shorter in duration, has reignited concerns among businesses and users, who are seeing how Two serious incidents in such a short time They expose the fragility of a highly centralized infrastructure. On social media, many professionals in the sector have expressed their frustration and questioned the reliability of an architecture in which A single provider accounts for nearly a third of global web traffic..
Some large clients have already started to make moves: there are companies that have announced that They will accelerate diversification towards other suppliers like Fastly or Akamai to reduce the so-called "Cloudflare risk." In sectors such as finance or e-commerce, regulators are also focusing on the resilience of the digital infrastructure in the face of failures of this magnitude.
The series of incidents at Cloudflare, AWS, or Azure raises a debate that goes beyond a single isolated failure: To what extent is it sustainable to continue concentrating essential Internet services? in a handful of great actors.
What happened today shows, once again, that a simple, poorly calibrated change in the configuration of a critical supplier It's enough to leave half the internet trembling for a few minutes: websites down, apps unresponsive, banking operations blocked, and users wondering if it's the fault of the WiFi, the mobile phone, or something much bigger that they don't see but that sustains a good part of their digital life.
