USA Today, CNBC, AP, Bloomberg, and Forbes contributed to this report.
Internet traffic giant Cloudflare is doing cleanup again after another outage briefly took down a swath of major websites and apps around the world early Friday — including Zoom, LinkedIn, Shopify, Fortnite, Coinbase, Substack and more.
The company said the problem has been fixed and services are back up, but it’s the second major disruption in less than three weeks, raising fresh questions about how fragile big chunks of the internet really are.
Cloudflare said the outage stemmed from an internal change, not an attack.
A tweak to how its Web Application Firewall (WAF) parses requests went sideways and “impacted the availability of Cloudflare’s network for several minutes,” the company said on its status page.
The change was rolled out to help mitigate a newly disclosed security vulnerability in React Server Components, a feature used by sites built with the popular React web framework. In trying to shore up defenses, Cloudflare accidentally broke traffic for a chunk of the web.
“This was not an attack,” the company emphasized. “The change was deployed by our team to help mitigate the industry-wide vulnerability disclosed this week.”
Cloudflare said it identified the issue just before 4 a.m. EST and had it resolved around 4:20 a.m. By 7 a.m., services were widely operational again in the US.
Outage tracker Downdetector lit up with reports around the same time Cloudflare had issues, with users complaining about:
- LinkedIn;
- Zoom;
- Shopify;
- Canva;
- Coinbase;
- DoorDash;
- Chime;
- Substack;
- Fortnite, League of Legends, Valorant;
- X (formerly Twitter).
Some government and financial sites in Europe, including Norwegian and Swedish government websites and banking-related services, were also reported down or unstable.
Cloudflare’s own dashboard and APIs — the tools customers use to manage their services — were directly affected, which is how the problem first showed up on the company’s status page.
Investors did not love the news.
- Cloudflare shares fell as much as 4.5–6% in premarket trading after the outage was reported.
- The stock clawed back some losses once the fix was in, but was still trading a few percent lower by mid-morning.
Given that Cloudflare routes or protects traffic for roughly 20% of the web, any hint of instability gets noticed fast on Wall Street.
Friday’s failure follows a major outage in November that took down high-profile sites including X and ChatGPT for several hours. At the time, CEO Matthew Prince called that incident “unacceptable” and said Cloudflare had engineered its systems to be highly resilient — only to be undone by a bad database change.
This time, it was a firewall configuration change aimed at a security fix that triggered the crash.
Cloudflare, along with other infrastructure heavyweights like Microsoft Azure and Amazon Web Services, has been at the center of several recent internet-wide hiccups. Even though these outages are usually brief, they highlight how much of the global internet now relies on a small number of backend providers — and how a single misstep can send ripples across banks, gaming platforms, ecommerce sites and government services all at once.
For now, Cloudflare says it’s monitoring systems closely and treating the incident as another lesson in how not to ship changes — but for millions of users, it was another reminder that when one piece of the internet stumbles, a lot of the rest of it goes down with it.
The latest news in your social feeds
Subscribe to our social media platforms to stay tuned