On Friday morning a short-lived Cloudflare outage knocked a range of sites offline worldwide, including LinkedIn and Zoom. Cloudflare said the disruption began after it changed firewall settings to shield customers from a newly disclosed software vulnerability and that the incident was not the result of a cyberattack. The company reported the problem lasted about 30 minutes and was cleared shortly after 09:00 GMT. The outage is the second significant Cloudflare interruption in under a month, following a mid-November failure that affected X, OpenAI and Spotify.
Key takeaways
- The outage occurred on Friday morning and lasted roughly 30 minutes, with service restoration shortly after 09:00 GMT.
- Cloudflare attributed the disruption to a firewall adjustment intended to mitigate a recently revealed software vulnerability and said it was not an attack.
- Services affected included LinkedIn, Zoom, Canva, Shopify and Indian broker Groww; Downdetector logged more than 4,500 reports after it came back online.
- This is Cloudflare’s second widely noticed outage in under a month; a mid-November incident hit major platforms and games such as X, OpenAI, Spotify and League of Legends.
- Cloudflare reports roughly 20% of websites use some form of its services, with nearly 300,000 customers in 125 countries and quarterly revenue above $500m.
- Experts warn that repeated high-profile outages are renewing debate about internet centralization and single‑provider dependencies.
Background
Cloudflare provides a mix of content delivery, DNS, firewall and security services that sit between websites and the wider internet; many companies rely on it to block attacks and improve site performance. Its scale—serving an estimated 20% of websites and thousands of customers across more than 100 countries—has made it a backbone vendor for both small sites and global platforms. In mid-November a larger Cloudflare failure was traced to an automatically generated configuration file that grew beyond expected limits and crashed systems that route traffic for several services, producing a broader, longer outage.
The past months have also seen other major infrastructure incidents, including an Amazon Web Services outage in October that affected over 2,000 companies, prompting wider discussion about concentration of internet infrastructure. Regulators, customers and academics have increasingly questioned whether placing large volumes of traffic under a handful of providers creates systemic single points of failure. Cloud providers argue their platforms improve security and resilience, but repeated interruptions put those claims under closer public scrutiny.
Main event
Friday’s disruption unfolded after Cloudflare adjusted firewall rules to defend against a recently disclosed software vulnerability. The company said the configuration change, not an external intrusion, caused service interruptions; it also noted a separate, earlier-reported issue with some application programming interfaces. Affected services included consumer-facing apps and e-commerce platforms—LinkedIn and Zoom were among the higher-profile names flagged by users.
Cloudflare’s posted timeline indicates the incident was identified quickly and engineers rolled back or modified the change, restoring traffic within about half an hour. Downdetector, a third‑party outage monitor, recorded more than 4,500 reports related to Cloudflare once its own pages returned to service, reflecting a burst of user reports as sites came back online. The company issued an apology to customers and said it was conducting a post-mortem to determine the precise sequence of technical events.
The November outage, by contrast, had a different root cause and broader impact: a configuration artifact that exceeded expected size and triggered a crash in components that manage threat traffic. That incident affected social media, AI platforms and gaming services for a longer period and led some customers to re-evaluate their dependence on a single edge provider. Friday’s episode was smaller in scope and duration but notable because it followed so closely on the heels of the earlier failure.
Analysis & implications
Repeated outages at major infrastructure firms feed a narrative that the internet is increasingly centralized around a few large providers. That concentration brings efficiency and enhanced defence against common attacks, but it also amplifies the consequences when those providers fail. For many businesses, the cost-benefit calculation of outsourcing edge, DNS and firewall functions will now include the operational risk of provider outages as well as the security benefits.
Operationally, customers may accelerate plans for redundancy—using multiple providers, regional fallbacks or hybrid architectures to limit exposure. However, implementing multi-provider setups raises complexity and cost; smaller firms in particular may lack the resources to build robust failover across several global vendors. Enterprises with mission-critical online services face a choice between simpler, centralized stacks and more complex, resilient architectures.
From a regulatory and market standpoint, these incidents could spur closer scrutiny of vendor practices, change-management controls and transparency. Investors and boards will likely press vendors for clearer incident timelines and stronger guarantees. There is also a reputational dynamic: while outages reveal fragility, they can paradoxically highlight a provider’s ubiquity—some observers have noted that public attention to outages demonstrates just how many services rely on the same firms.
Comparison & data
| Event | Date | Major services affected | Approx. duration |
|---|---|---|---|
| AWS outage | October 2025 | ~2,000 companies reported impact | varied, multi-hour |
| Cloudflare outage (mid-November) | Mid-November 2025 | X, OpenAI, Spotify, League of Legends | multiple hours |
| Cloudflare outage (this incident) | 5 December 2025 | LinkedIn, Zoom, Canva, Shopify, Groww | ~30 minutes |
These entries show a pattern of high‑impact incidents across different large providers over recent months. The most recent Cloudflare event was shorter and less disruptive than the mid‑November outage but still produced visible user reports and media attention. Comparing duration and scope helps customers weigh the practical risks of single-provider dependence against the operational benefits those firms advertise.
Reactions & quotes
Security academics and infrastructure specialists reacted with caution, urging measured responses from customers and vendors while noting the pattern of recent failures.
“People will start asking questions now that there have been these two outages in a short period of time,”
Steven Murdoch, University College London (academic)
Professor Murdoch framed the incidents as a prompt for customers to reassess assumptions about reliability while noting it’s premature to label the events systemic or the result of poor engineering practices. He added that outages sometimes have the unintended effect of revealing a vendor’s centrality, which can underscore how many services depend on the same infrastructure.
“This again shows how brittle the big‑tech internet can be,”
Michał Woźniak (DNS and internet infrastructure expert)
Woźniak emphasized that repeated, widely visible outages demonstrate fragility at scale and questioned marketing claims that larger providers are always the safer partner. He suggested that size can make failures more disruptive precisely because so much traffic routes through these vendors.
“We adjusted firewall rules to protect customers from a disclosed vulnerability; this was not an attack,”
Cloudflare (company statement)
Cloudflare’s brief statement stressed that the change was defensive and that engineers resolved the issue quickly; the company said it would publish technical details as its internal review concludes.
Unconfirmed
- Whether Friday’s incident reveals an underlying systemic software practice problem at Cloudflare remains unproven—investigation results are pending.
- It is not yet confirmed if any customers suffered significant commercial losses specifically attributable to this half‑hour outage.
- There is no public evidence tying this event directly to the mid‑November configuration failure beyond the fact both incidents affected Cloudflare services.
Bottom line
Friday’s outage was brief and, according to Cloudflare, caused by a defensive configuration change rather than an external attack. Nonetheless, it comes at a sensitive moment: a high‑profile mid‑November failure and a major October cloud outage have already prompted discussion about concentration risk in internet infrastructure. For many customers, the practical takeaway will be to reassess resilience strategies, including multi‑provider approaches and clearer failover plans.
For Cloudflare, repeated incidents present both reputational risk and an opportunity: transparency about root causes and demonstrable improvements to change‑control processes could rebuild trust, while public attention also underlines how central the company has become to website operations worldwide. Regulators and enterprise customers will likely watch the company’s post‑mortem and remediation steps closely.
Sources
- The Guardian — news report
- Cloudflare Status — official company status/communications
- Downdetector — independent outage monitoring service
- University College London — academic affiliation for quoted expert