Cloudflare apologises after outage hits X and ChatGPT

Cloudflare has apologized for a major outage that temporarily disrupted access to several high-profile websites and apps, including X and ChatGPT, after a software configuration change triggered widespread problems on Tuesday.

Thousands of users began reporting issues shortly after 11:30 GMT, according to outage-tracking site Downdetector, with services such as Grindr, Zoom and Canva also affected. Some visitors experienced slow loading times, error messages or an inability to connect at all.

In a statement, the US-based internet infrastructure company described the incident as a “significant outage” caused by a configuration file intended to handle malicious or “threat” traffic, which instead malfunctioned and “triggered a crash” in software that processes requests across its network.

“We apologise to our customers and the Internet in general for letting you down today,” Cloudflare said, adding that, given the importance of its services to global web traffic, “any outage is unacceptable”.

Cloudflare stated that the underlying issue had been resolved, but cautioned that some services might still experience errors as systems recover and return to full functionality. It stressed there was no indication of a cyber-attack. “To be clear, there is no evidence that this was the result of an attack or caused by malicious activity,” the company noted.

The impact of the disruption was broad. Some users of X (formerly Twitter) were shown a message stating there was a problem with the platform’s internal server due to an “error” originating with Cloudflare. ChatGPT’s website, meanwhile, displayed a notice for some visitors saying: “please unblock challenges cloudflare.com to proceed.”

The reach of the outage was underlined by the fact that Downdetector itself – a service many people turn to when websites appear to be down – also showed error messages for some users.

Cloudflare is one of the world’s largest providers of web security and performance services. It protects websites from malicious traffic, helps distinguish human visitors from bots and acts as a key layer of defence against distributed denial-of-service (DDoS) attacks. The company says about 20% of all websites globally use its services in some form.

Alp Toker, director of internet observatory NetBlocks, said the incident “points to a catastrophic disruption to Cloudflare’s infrastructure,” highlighting how many sites now “hide behind” its systems to fend off attacks. That dependence, he warned, has made Cloudflare “one of the internet’s largest single points of failure.”

Cloudflare’s shares were trading around 3% lower shortly after 15:00 GMT on Tuesday, as investors reacted to the disruption. The outage follows a series of recent glitches involving large cloud and infrastructure providers, including a major Amazon Web Services failure last month that knocked more than 1,000 sites and apps offline, and subsequent issues at Microsoft’s Azure platform.

Jake Moore, global cybersecurity adviser at security firm ESET, said the recent spate of incidents had underlined how dependent many organisations have become on a handful of major providers. “Companies are often forced to heavily rely on the likes of Cloudflare, Microsoft and Amazon for hosting their websites and services, as there aren’t many other options,” he said, describing the underlying networks as “fragile”.