A key piece of the internet’s usually hidden infrastructure suffered a global outage on Tuesday, causing error messages to flash up across websites.
Cloudflare, a US company whose services include defending millions of websites against malicious attacks, experienced an unidentified problem that meant internet users could not access some of its customers’ websites.
Some site owners could not access their performance dashboards. Sites including X and OpenAI suffered increased outages at the same time as Cloudflare’s problems, according to Downdetector.
The outage was reported at 11.48am London time and by 2.48pm the company said: “A fix has been implemented and we believe the incident is now resolved. We are continuing to monitor for errors to ensure all services are back to normal.”
A spokesperson for Cloudflare apologised to its customers “and the internet in general for leting you down today”. They said: “We will learn from today’s incident and improve.”
As it tried to fix the problem the company disabled an encryption service called Warp in London and said: “Users in London trying to access the internet via Warp will see a failure to connect.”
Cloudflare was described as “the biggest company you’ve never heard of” by Prof Alan Woodward of the Surrey Centre for Cyber Security. The company says it provides services to “protect your websites, apps, APIs, and AI workloads while accelerating performance”.
Woodward described it as a “gatekeeper” and said its roles included monitoring traffic to sites to defend them against distributed denial of service attacks when malicious actors try to overwhelm sites with requests. It also checks users are human.
After finding a fix, Cloudfare said the root cause “was a configuration file that is automatically generated to manage threat traffic”.
This file grew beyond its expected size and triggered a crash in the software system that handles traffic for a number of Cloudflare’s services.
after newsletter promotion
“To be clear, there is no evidence that this was the result of an attack or caused by malicious activity,” a spokesperson said. “We expect that some Cloudflare services will be briefly degraded as traffic naturally spikes post-incident but we expect all services to return to normal in the next few hours.”
The problems at Cloudflare come less than a month after an outage of Amazon Web Services brought down thousands of sites.
“We’re seeing how few of these companies there are in the infrastructure of the internet, so that when one of them fails it becomes really obvious quickly,” Woodward said.
