Post Mortem - The Cloudflare Blog

Cloudflare incident on January 24, 2023

January 25, 2023 3:47AM

Several Cloudflare services became unavailable for 121 minutes on January 24th, 2023 due to an error releasing code that manages service tokens. The incident degraded a wide range of Cloudflare products...

Partial Cloudflare outage on October 25, 2022

October 26, 2022 4:02AM

Outage Post Mortem

Today, a change to our Tiered Cache system caused some requests to fail for users with status code 530...

John Graham-Cumming

The mechanics of a sophisticated phishing scam and how we stopped it

August 09, 2022 4:56PM

Security Post Mortem Phishing Cloudflare Gateway Cloudflare Access

Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. Around the same time as Twilio was attacked, we saw an attack with very similar characteristics also targeting Cloudflare’s employees...

Cloudflare outage on June 21, 2022

June 21, 2022 1:38PM

Outage Post Mortem

Today, June 21, 2022, Cloudflare suffered an outage that affected traffic in 19 of our data centers...

PIPEFAIL: How a missing shell option slowed Cloudflare down

April 05, 2022 1:57PM

Post Mortem Outage Deep Dive Speed & Reliability

This post tells the story of how a missing shell option called “pipefail” slowed Cloudflare down....

Alex Forster

March 22, 2022 4:57PM

Cloudflare’s investigation of the January 2022 Okta compromise

Today at 03:30 UTC we learnt of a compromise of Okta. We use Okta internally for employee identity as part of our authentication stack. We have investigated this compromise carefully and do not believe we have been compromised as a result...

By

Okta , Security , Post Mortem

January 26, 2022 6:34PM

Incorrect proxying of 24 hostnames on January 24, 2022

On January 24, 2022, as a result of an internal product migration, 24 hostnames (including www.cloudflare.com) that were actively proxied through the Cloudflare global network were mistakenly redirected to the wrong origin...

By

Jeremy Hartman

Post Mortem

November 27, 2020 12:00PM

A Byzantine failure in the real world

When we review design documents at Cloudflare, we are always on the lookout for Single Points of Failure (SPOFs). In this post, we present a timeline of a real-world incident, and how an interesting failure mode known as a Byzantine fault played a role in a cascading series of events....

By

Tom Lianza
, Chris Snook

Post Mortem , API , Postgres , Outage , Engineering

August 30, 2020 9:55PM

August 30th 2020: Analysis of CenturyLink/Level(3) outage

Today CenturyLink/Level(3), a major ISP and Internet bandwidth provider, experienced a significant outage that impacted some of Cloudflare’s customers as well as a significant number of other services and providers across the Internet....

By

Matthew Prince

Outage , Post Mortem

July 18, 2020 2:22AM

Cloudflare outage on July 17, 2020

Today a configuration error in our backbone network caused an outage for Internet properties and Cloudflare services that lasted 27 minutes. We saw traffic drop by about 50% across our network....

By

John Graham-Cumming

Post Mortem , Outage , Engineering

July 12, 2019 4:45PM

Details of the Cloudflare outage on July 2, 2019

Almost nine years ago, Cloudflare was a tiny company and I was a customer not an employee. Cloudflare had launched a month earlier and one day alerting told me that my little site, jgc.org, didn’t seem to have working DNS any more....

By

John Graham-Cumming

Post Mortem , Outage , Deep Dive

July 02, 2019 4:50PM

Cloudflare outage caused by bad software deploy (updated)

Starting at 1342 UTC today we experienced a global outage across our network that resulted in visitors to Cloudflare-proxied domains being shown 502 errors (“Bad Gateway”). The cause of this outage was deployment of a single misconfigured rule within the Cloudflare Web Application Firewall (WAF)...

By

John Graham-Cumming

Post Mortem , Outage , Deep Dive

June 26, 2019 11:22PM

The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday

On Monday we wrote about a painful Internet wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. Today we will dive into the archived routing data and analyze it....

By

Martin J Levy

RPKI , BGP , Deep Dive , Post Mortem

June 01, 2018 2:13AM

Today we mitigated 1.1.1.1

Cloudflare is protected from attacks by the Gatebot DDoS mitigation pipeline. Gatebot performs hundreds of mitigations a day, shielding our infrastructure and our customers from L3 and L7 attacks....

By

Marek Majkowski

Reliability , Post Mortem , Mitigation , 1.1.1.1 , DNS