Key Points
- Cloudflare outage occurred on December 5, 2025, beginning around 8:47 GMT (2:17 PM IST) and resolved by 9:13 GMT (2:43 PM IST), lasting approximately 26 minutes
- Caused by intentional configuration change to Cloudflare’s Web Application Firewall (WAF) that impacted request parsing and network availability
- Major Indian trading platforms affected: Zerodha, Groww, Angel One experienced login failures, data feed disruptions, and inability to execute trades during market hours
- Global services disrupted included Discord, LinkedIn, Coinbase, Substack, Shopify, HSBC, Deliveroo, Canva, and Downdetector itself
- Zerodha CEO Nithin Kamath apologized publicly and recommended WhatsApp backup channels for exiting trades during future outages
- Cloudflare stock dropped as much as 4% in early trading before recovering to 2% down after fix implementation
- Second major Cloudflare outage in less than three weeks, following November 18, 2025 incident caused by Bot Management bug
- Cloudflare handles approximately 20% of global web traffic, making any disruption highly impactful worldwide
- Company implemented fix and monitoring within 26 minutes, with services fully restored by 9:13 GMT
Millions of internet users worldwide faced sudden and widespread service disruptions on Friday morning, December 5, 2025, when a critical configuration error at Cloudflare, one of the world’s largest content delivery network (CDN) and internet infrastructure providers, crashed thousands of websites simultaneously. The outage began around 8:47 GMT (2:17 PM Indian Standard Time) and lasted approximately 26 minutes before Cloudflare engineers implemented a fix at 9:13 GMT (2:43 PM IST).
Cloudflare’s support team issued a statement confirming that “a change made to how Cloudflare’s Web Application Firewall parses requests impacted the availability of Cloudflare’s network for several minutes today”. The incident affected a wide range of critical online services, from financial trading platforms to social media networks, banking portals, e-commerce sites, and productivity tools, demonstrating the concentrated risk created when so much of the internet depends on a single infrastructure provider.
Indian Trading Platforms Crippled During Market Hours
The timing of the outage proved particularly damaging in India, where major retail trading platforms Zerodha, Groww, and Angel One experienced complete or near-complete service disruptions during active market hours. Users reported being unable to log into their accounts, place intraday or time-sensitive trades, access market dashboards, or monitor their portfolios as the outage unfolded during critical trading windows. Many traders experienced data feed failures and backend connectivity issues that effectively paused their ability to execute financial transactions, potentially causing financial losses for those holding leveraged positions or needing to exit time-sensitive trades.
Zerodha CEO Nithin Kamath publicly apologized for the disruption and acknowledged the platform’s dependency on Cloudflare infrastructure. In a post on X (formerly Twitter), Kamath recommended that traders use WhatsApp backup channels provided by Zerodha to exit trades during future outages, highlighting the vulnerability of cloud-dependent trading systems. The incident exposed how retail investors and traders have become critically dependent on cloud infrastructure for uninterrupted access to capital markets, with no easy backup options when primary systems fail.
Widespread Global Impact Across Multiple Sectors
Beyond Indian trading platforms, the Cloudflare outage disrupted a diverse array of international services used by millions daily. Discord, the popular gaming and community chat platform, went offline, cutting off communication for hundreds of millions of users worldwide. LinkedIn, Microsoft’s professional networking service with over 1 billion members, became inaccessible, disrupting business communications and recruitment activities. Cryptocurrency exchange Coinbase experienced downtime during volatile trading periods, while online publishing platform Substack prevented writers and readers from accessing subscription-based content.
E-commerce giant Shopify, which powers millions of online stores globally, reported service disruptions that prevented merchants from processing transactions and managing inventory. Banking services were also affected, with HSBC customers unable to access online banking portals in some regions. Food delivery service Deliveroo experienced outages in London and other markets, disrupting meal orders and driver coordination. Design platform Canva, used by millions of content creators, became unavailable, halting work for marketing teams and designers worldwide. Even Downdetector, the popular outage-tracking website that users typically turn to during internet disruptions, was briefly knocked offline, adding to the confusion as people struggled to determine the scope of the problem.
Technical Root Cause and Response Timeline
Cloudflare identified the root cause as an intentional but flawed configuration change to its Web Application Firewall (WAF), a security service that filters malicious traffic and protects websites from attacks. The WAF change affected how Cloudflare’s systems parse incoming requests, causing cascading failures across the network that handles approximately 20% of all global web traffic. The company’s automated monitoring systems detected the issue almost immediately, and engineering teams began implementing mitigation measures within minutes.
Cloudflare posted status updates stating, “The issue is being investigated and efforts are underway to resolve the issue, including our dashboard and application programming interfaces (APIs)”. The company noted that some customers were seeing error messages on their dashboards and websites, which were being fixed in a phased manner. By 9:13 GMT, Cloudflare confirmed it had “implemented a fix” and was monitoring the results, with all affected services returning to normal operation. The rapid response time of 26 minutes demonstrated the company’s incident management capabilities, though the brief outage still caused significant disruption given the scale of services affected.
Stock Market Impact and Investor Concerns
The outage had immediate financial consequences for Cloudflare itself, with shares dropping as much as 4% in early Friday trading as news of the widespread disruption spread. As Cloudflare provided updates confirming a fix had been implemented and services were being restored, the stock recovered somewhat, ultimately closing down approximately 2% for the day. The market reaction reflected investor concerns about Cloudflare’s operational reliability and the potential reputational damage from high-profile service failures, particularly given the company’s positioning as a critical infrastructure provider for the modern internet.
Analysts noted that while brief outages are inevitable in complex distributed systems, two major incidents within three weeks (November 18 and December 5) raised questions about Cloudflare’s quality assurance processes for configuration changes and whether adequate safeguards exist to prevent flawed updates from being deployed to production systems. The concentration risk created by Cloudflare’s dominant market position means that even brief disruptions have outsized impact, affecting thousands of businesses and millions of end users simultaneously.
Second Major Failure in Three Weeks
This December 5 outage represents the second significant Cloudflare service disruption in less than three weeks, heightening concerns about the company’s operational stability. On November 18, 2025, Cloudflare experienced a more severe and longer-lasting outage that prevented thousands of users from accessing major internet platforms including X (Twitter), ChatGPT, and numerous other services. That incident, which began around 6:30 AM ET and lasted several hours, was triggered by an automatically generated configuration file for Bot Management that became excessively large, causing the software system managing traffic for various Cloudflare services to crash.
During the November 18 incident, Cloudflare’s systems returned HTTP 5xx server errors and experienced significant latency increases as debugging and observability systems consumed excessive CPU resources. The company stopped automatic deployment of new Bot Management configuration files at 14:07 UTC, tested and deployed a corrected configuration file, and reported main impact resolved by 14:30 UTC, with all services fully recovered by 17:06 UTC. The November outage lasted approximately six hours from initial detection to full resolution, significantly longer than the 26-minute December 5 incident.
Calls for Infrastructure Diversification and Resilience
The repeated Cloudflare disruptions have reignited debates within the technology industry about infrastructure concentration risks and the need for greater resilience in critical internet services. Security experts and business continuity planners argue that organizations should implement multi-CDN strategies, distributing traffic across multiple providers like Cloudflare, Fastly, and Akamai to prevent single points of failure. However, such approaches add complexity and cost, making them impractical for smaller businesses and startups that rely on affordable, easy-to-implement solutions like Cloudflare.
For financial services platforms like Zerodha, Groww, and Angel One, the December 5 incident underscored the need for robust backup systems and alternative access channels when primary platforms fail. Zerodha’s recommendation to use WhatsApp for emergency trade execution represents one approach, though it introduces manual processes and potential delays that may not suffice during fast-moving market conditions. Banking regulators and financial technology oversight bodies may need to establish requirements for redundancy and failover capabilities to ensure retail investors maintain access to markets even during infrastructure outages.
Cloudflare’s Critical Role in Internet Infrastructure
Cloudflare provides content delivery, security, and performance optimization services for millions of websites worldwide, processing approximately 20% of all global web traffic through its distributed network of servers. The company’s services include DDoS attack protection, Web Application Firewall security, content caching and acceleration, DNS management, and application programming interface (API) gateways that enable modern web applications to function. This deep integration into core internet infrastructure means that when Cloudflare experiences problems, the impact cascades across thousands of businesses and hundreds of millions of end users simultaneously.
While Cloudflare has apologized for both recent incidents and committed to improving its change management and quality assurance processes, the December 5 outage demonstrates that even mature, well-resourced technology companies can experience operational failures when making configuration changes to complex distributed systems. As businesses and consumers become increasingly dependent on cloud infrastructure and centralized service providers, building resilience through diversification, redundancy, and robust backup systems becomes not just a technical concern but a critical business continuity requirement.
