A variety of websites, such as LinkedIn, Zoom, and Downdetector, experienced outages on Friday morning due to another incident involving Cloudflare. This marks the company’s second disruption within a month.
Cloudflare reported that the outage was triggered by adjustments made to their firewalls intended to protect customers from a widespread software vulnerability disclosed earlier this week, clarifying it was not the result of a cyber attack. Previously, another issue was observed concerning their application programming interface.
The incident lasted approximately 30 minutes, concluding shortly after 9 a.m. Japan time. This follows a larger Cloudflare outage in mid-November that impacted platforms like X, OpenAI, and Spotify, along with online games such as League of Legends.
The underlying issue was identified as “configuration files that are automatically generated to manage threat traffic,” which exceeded expected sizes, leading to a crash of the software system responsible for handling traffic across various Cloudflare services.
Friday’s malfunction appeared relatively minor, affecting sites including Canva, Shopify, and the India-based brokerage firm Groww, alongside LinkedIn, Zoom, and Downdetector, which tracks online service issues. Downdetector recorded over 4,500 reports related to Cloudflare once the services resumed.
Given the recent series of prominent internet outages, some businesses might be reevaluating their reliance on Cloudflare’s offerings.
Stephen Murdoch, a computer science professor at University College London, noted, “Given these two outages within such a brief timeframe, it’s likely people will begin to question their reliability. They’re not satisfied, and Cloudflare isn’t happy either. They apologize, but it’s premature to determine if there’s a systemic problem, like software misuse, or just unfortunate timing.”
Murdoch emphasized that Cloudflare, known for its global cloud services and cybersecurity, promotes itself on its reliability. Businesses utilize its services for enhanced immunity against specific cyber threats, improved website performance, faster load times, and greater resilience to server failures.
The recent outages from Amazon Web Services, including one in October that affected over 2,000 businesses globally, have sparked discussions among experts about whether major internet services are becoming overly centralized and thus more vulnerable.
“There’s significant centralization occurring,” Murdoch stated. “Cloudflare offers an excellent product and is widely used, which introduces potential vulnerabilities.”
“This highlights yet again how exposed the major tech internet is,” remarked Michał “Risiek” Wojniak, an expert on DNS and internet infrastructure. “This marks the fourth major global outage since October 20th that has drawn the attention of media outside of the tech sphere and affected everyday users around the globe.”
After newsletter promotion
According to Cloudflare, around 20% of all websites utilize its services in one form or another. The company boasts nearly 300,000 clients in 125 countries and claims to thwart billions of cyberattacks against its users on a daily basis, generating over $500 million (£440 million) each quarter.
Wojniak stated that the recent outages raise questions about Cloudflare’s marketing strategy, which promotes reliability and resilience alongside the common belief that larger enterprises are safer partners than smaller infrastructure providers.
“These companies are growing too large to fail, and their extensive traffic handling means that when they do encounter issues, it leads to significant problems very quickly,” he added.
Conversely, Murdoch suggested that the outages could be an opportunity for Cloudflare. “When AWS went down, its stock price actually increased because people recognized the scale of its usage. [The outage] serves as effective marketing, demonstrating the widespread reliance on Cloudflare.”
Source: www.theguardian.com
