Cloudflare’s November 18 Outage: What happened and why it matters

On 18 November 2025, a major internet disruption rippled across the globe when Cloudflare, one of the web’s most critical infrastructure providers, went down for several hours. The outage affected millions of websites and services, including household names such as X (Twitter), ChatGPT, Spotify, Discord and Canva, leaving users frustrated and businesses scrambling.

Who are Cloudflare?

Cloudflare are a backbone of the modern internet. Founded in 2009, it provides services that make websites faster, more secure and more reliable. Its global network spans over 330 cities in more than 125 countries, handling billions of requests every day.

Key services include:

• Content Delivery Network (CDN): Speeds up websites by caching content closer to users.
• Security: Protects against DDoS attacks, malicious bots and other threats.
• DNS and Routing: Ensures traffic flows efficiently and safely.
• Zero Trust and Edge Computing: Powers secure remote access and serverless applications.

In short, Cloudflare sits between users and the websites they visit. When it fails, the impact is enormous.

What caused the outage?

The disruption began around 11:20 UTC and lasted roughly four to six hours. Initially suspected to be a massive cyberattack, Cloudflare later confirmed the cause was internal:

• A bot-management configuration update introduced a bug.
• This bug allowed duplicate metadata into a critical file, doubling its size.
• The oversized file exceeded routing software limits, causing traffic failures across the network.

Engineers rolled back the change and restored services by 17:06 UTC.

Why was the impact so severe?

Cloudflare powers 15 to 20 per cent of all websites globally, including 43 per cent of the top 10,000 domains. When its network falters, even unaffected origin servers become unreachable because Cloudflare acts as the middle layer between users and sites.

This outage highlights a growing concern: centralisation risk. As the internet relies on a handful of providers for speed and security, a single failure can take down huge swathes of the web.

Putting it in context: CrowdStrike and other outages

Cloudflare’s outage is not an isolated event. It follows other high-profile failures that exposed similar weaknesses:

• CrowdStrike (July 2024): A faulty Falcon sensor update caused millions of Windows systems to crash, grounding flights, disrupting hospitals and costing billions in damages. The root cause was a configuration mismatch in a critical file.
• Fastly (2021): A single misconfigured customer change triggered a global CDN failure, impacting major platforms.
• AWS and Microsoft Azure: Past outages often stemmed from internal configuration errors or insufficient redundancy.

These incidents share common threads: automated deployments without progressive rollouts, fragile dependencies on single vendors and the cascading effect of centralised infrastructure.

Lessons learned

• Rigorous testing and safeguards: Progressive rollouts and rollback mechanisms should be standard.
• Visibility and monitoring: Real-time analytics can catch anomalies before they escalate.
• Clear communication protocols: Both Cloudflare and CrowdStrike demonstrated the importance of transparency during crises.

The Cloudflare outage is a vivid reminder that modern digital infrastructure, orchestrated by a handful of powerful providers, is more fragile than it appears. Similar to CrowdStrike’s and Fastly’s failures, a single misconfigured file or update can cascade across millions of devices, silencing apps and paralysing businesses.

For organisations, the takeaway is clear: performance gains must be balanced with resilience planning. That means building redundant architectures, enforcing rigorous test-and-release protocols and preparing for rapid response. The names may differ, but the lesson remains the same: prevent the domino effect or prepare for the fall.