For several hours on November 18, the internet slowed down due to a rare outage that affected Cloudflare, which is considered one of the technical bulwarks of the modern web.
While the American company quickly ruled out a cyberattack, the explanations revealed later show how a simple file was able to destabilize thousands of online services, from media sites to enterprise tools…
A technical “detail” that turned into global chaos
On its website, Cloudflare offered an explanation , stating that in the initial minutes, the incident resembled a massive DDoS attack . 500 errors multiplied, and some websites became completely inaccessible. But the truth was more mundane…
Indeed, it all started with a change applied to one of Cloudflare’s ClickHouse databases . This fix aimed to clarify access permissions… before generating an unexpected side effect: each column ended up duplicated in the metadata.
In concrete terms, the file used by the bot management system, usually lightweight, has doubled in size, incorporating more than 200 fingerprints while the software responsible for reading it can only manage a maximum of… 200.
This file, essential for network operation, is automatically deployed to all machines. Once distributed, it causes a cascade of crashes affecting servers unable to process it. The network then oscillates between normal operation and total shutdown, as the file is regenerated every five minutes and is sometimes functional, but sometimes faulty.
For nearly two hours, Cloudflare believed it was under external attack , especially since a baffling coincidence occurred: its status page, hosted by another provider, also went down. It was only by progressively bypassing certain services that the engineers identified the source: the bot management file deployed since the initial modification.
A global impact that is paralyzing the web…
The outage not only affected the display of web pages but also the core operations of thousands of businesses. Cloudflare Access , responsible for authentication, remained down for nearly two hours, blocking business connections. Cloudflare ‘s own dashboard became inaccessible, a direct consequence of the failure of Turnstile , a solution for blocking malicious bots.
Even after replacing the faulty file, the return to normal was slow, as pending traffic flooded the services as soon as reconnection was established, causing a further overload …
A breakdown that reignites the debate on digital dependency
In his blog post, Matthew Prince , co-founder of Cloudflare, acknowledges the seriousness of the incident and announces a series of measures, including enhanced validation of internal files, and limiting debug reports that are too resource-intensive.
But this episode also reignites a political question: digital sovereignty . Indeed, this outage occurs at the very moment when Europe is investing in alternatives to American infrastructure…