Attention Required! Understanding Cloudflare’s Security Measures
When we’ve had outages in the past it’s always led to us building new, more resilient systems. We’ve architected our systems to be highly resilient to failure to ensure traffic will always continue to flow. Turnstile was impacted by this outage, resulting in customers who did not have an active dashboard session being unable to log in.
Analyzing the Block Message
These anomalies are detected through significant deviations from expected traffic patterns observed across our network. As we have noted in the past, this post is intended as a summary overview of observed and confirmed disruptions, and is not an exhaustive or complete list of issues that have occurred during the quarter. A rogue contractor, among other events, caused power outages that impacted Internet connectivity. This showed up to Internet users trying to access our customers’ sites as an error page indicating a failure within Cloudflare’s network.
Creating exceptions for trusted websites balances privacy concerns with functional access needs, reducing unnecessary friction during regular online activities. Regularly update your operating system, browser, and security tools to ensure compatibility with current web standards and security protocols. This contextual information helps technical teams quickly identify the cause of your access restriction and implement appropriate exceptions or adjustments.
Resolving access restrictions effectively
It is essential for users to understand that such actions are not just restricted by the website they are accessing but also by Cloudflare, which acts as a security shield around it.
What Can I Do To Resolve This?
In Q3 2025, we observed Internet disruptions around the world resulting from government-directed shutdowns, power outages, cable cuts, a cyberattack, an earthquake, a fire, and technical problems, as well as several with unexplained causes…. To create your own content signals, just copy and paste the text that we help you generate at ContentSignals.org into your robots.txt file, or immediately deploy via the Deploy to Cloudflare button. If you already know how to configure your robots.txt file, deploying content signals is as simple as adding the Content Signals Policy above and then defining your preferences via a content signal. If a website operator leaves the content signal for ai-input blank like in the above example, it does not mean they have no preference regarding that use; it just means they have not used this part of their robots.txt file to express it.
Cloudflare outage on November 18, 2025
I mentioned above that a change in the underlying query behaviour resulted in the feature file containing a large number of duplicate rows. Customers that had rules deployed to block bots would have seen large numbers of false positives. A change in our underlying ClickHouse query behaviour (explained below) that generates this file caused it to have a large number of duplicate “feature” rows. It accomplishes this through a set of domain-specific modules that apply the configuration and policy rules to traffic transiting our proxy. The proxy applies each customer’s unique configuration and settings, from enforcing WAF rules and DDoS protection to routing traffic to the Developer Platform and R2.
Technical aspects of security challenges
- Customers on our old proxy engine, known as FL, did not see errors, but bot scores were not generated correctly, resulting in all traffic receiving a bot score of zero.
- This post is an in-depth recount of exactly what happened and what systems and processes failed.
- We were confident that the Bot Management configuration file was the trigger for the incident.
- The impact of the power outage to Internet connectivity was visible in traffic disruptions across several Internet service providers, including Flow (AS52233) and UTS (AS11081).
Digicel Haiti (AS27653) is no stranger to Internet disruptions caused by damage to both terrestrial and submarine cables, experiencing such problems during the first and second quarters of 2025, as well as first, second, and third quarters of 2024. According to an X post from Unitel Angola, it “was caused by a disruption at our partner Angola Cables, resulting from public road works that affected the national fiber optic interconnections.” These shutdowns are reviewed in more detail in our September 30 blog post, Nationwide Internet shutdown in Afghanistan extends localized disruptions.
Online outages: Q3 2025 Internet disruption summary
This policy is a new addition to robots.txt that allows you to express your preferences for how your content can be used after it has been accessed. If we want to keep the web open and thriving, we need more tools to express how content creators want their data to be used while allowing open access. The Cloudflare Radar team will continue to monitor traffic from Afghanistan as well, sharing our observations on the Cloudflare Radar Outage Center, via social media, and in posts on blog.cloudflare.com.
Cloudflare Security Block: Understanding and Resolving Access Issues
In mid-September, the Taliban ordered the shutdown of fiber optic Internet connectivity in multiple provinces across Afghanistan, as part of a drive to “prevent immorality”. Networks impacted by these shutdowns included Earthlink (AS199739), Asiacell (AS51684), Zainas (AS59588), Halasat (AS58322), and HulumTele (AS203214). Similar to last quarter, KNET (AS206206), Newroz Telecom (AS21277), IQ Online (AS48492), and KorekTel (AS59625) were impacted by the ordered shutdowns.
[Figure: HTTP request traffic from the top 10 ASNs in Afghanistan, September 29, 2025]
[Figure: HTTP request traffic from the top five provinces in Afghanistan, September 29, 2025]
At a regional level, it appears that traffic from Kabul fell slightly later than traffic from the other regions, trailing them by approximately a half hour. Follow us on social media at @CloudflareRadar (X), noc.social/@cloudflareradar (Mastodon), and radar.cloudflare.com (Bluesky), or contact us via email. You can use the API to retrieve data to do your own local monitoring or analysis, or the Radar MCP server to incorporate Radar data into your AI tools. However, these additional observations do not necessarily confirm a “technical fault in PTCL’s fiber optic infrastructure” as the ultimate cause of the disruption.
Cloudflare Security Block: Understanding and Resolving Temporary Restrictions
Given Cloudflare’s importance in the Internet ecosystem any outage of any of our systems is unacceptable. We worked over the next few hours to mitigate increased load on various parts of our network as traffic rushed back online. The larger-than-expected feature file was then propagated to all the machines that make up our network. All challenge types are lightweight, privacy-preserving, and optimized for real-world traffic. Security alert systems represent an essential component of modern web protection infrastructure.
- During the disruption, the country’s traffic dropped by over 80% as compared to the previous week, with Flow experiencing a near complete outage.
- Cloudflare traffic data for AS38472 (Afghan Wireless) and AS (Etisalat) shows that traffic from these mobile providers remained available during that period.
- The recent launch of regional traffic insights on Radar brings yet another perspective to our ability to investigate observed Internet traffic anomalies.
- On September 6, Pakistan Telecom (AS17557) posted a message on X that stated “We would like to inform that submarine cable cuts have occurred in Saudi waters near Jeddah, impacting partial bandwidth capacity on SMW4 and IMEWE systems.
Our analysis of related metrics found that this disruption caused a drop in the share of IPv4 traffic, as well as a spike in the share of HTTP traffic (meaning that HTTPS traffic share had fallen), as shown in the graphs below. On July 10, Telecom Egypt announced that services affected by the fire had been restored, after operations were transferred to alternative exchanges. The fire broke out in a Telecom Egypt equipment room, and impacted connectivity across multiple providers, including Etisalat (AS36992), Mobinil (AS37069), Orange Egypt (AS24863), and Vodafone Egypt (AS24835).
Fiber optic cable damage
By doing so, they have chosen to instruct companies that they do not want the content on those domains to be used for AI training. Cloudflare customers have already turned on our managed robots.txt feature for over 3.8 million domains. A website operator can then optionally express their preferences via machine-readable content signals. This policy defines three content signals – search, ai-input, and ai-train – and their relevance to crawlers. There is a real cost to website operators to serve these data scrapers, in particular when they receive no compensation in return; we are experiencing a classic free-rider problem.
(The stable latency line at the bottom of both graphs represents probes going over the Cloudflare backbone, which was not impacted by the cable cuts.) The graphs below provide another view of the impact of the cable cuts, based on Cloudflare network probes between New Delhi (del-c) to London (lhr-a) and Bombay (bom-c) to Frankfurt (fra-a). The most recent such disruption occurred on August 26, when they experienced two different cuts on their fiber optic infrastructure, according to an X post from the company’s Director General.
Through understanding the reasons behind the block and employing strategies to resolve these issues, you can navigate the internet more confidently. Being blocked on a website due to Cloudflare’s security measures can be a frustrating experience. Be patient; they may need time to investigate and respond. Sometimes browser settings can lead to being flagged.
Fiber optic cables are frequently damaged by errant ship anchors (submarine) or construction equipment (terrestrial), but on September 26, a stray bullet damaged a cable in the Dallas, Texas area, disrupting Internet connectivity for Spectrum (AS11427) customers. The impacts may only affect a single country, or they may disrupt multiple countries connected to a damaged cable. Telegeography’s Submarine Cable Map shows that the Red Sea has a high density of submarine cables that carry data between Europe, Africa, and Asia. However, the timing of the disruption coincided with protests over the rise in diesel fuel prices, and local non-governmental organizations disputed Unitel Angola’s explanation, claiming that it was actually due to a government-directed Internet shutdown. According to a subsequent post, one was damaged by work being done by CORAAVEGA (La Vega Water And Sewerage Corporation) and the other by work being done by the Dominican Electric Transmission Company.
However, on September 17, traffic dropped to a fraction of pre-shutdown levels. Baghlan experienced an anomalous spike in traffic on September 16, with total traffic spiking 3x higher than peaks seen during the previous weeks. In Kandahar, lower peak traffic volumes are visible between September 17 and September 21. While some nominal recovery occurred on September 23, traffic remained well below pre-shutdown levels. Balkh appeared to be one of the earliest targeted provinces, with traffic dropping midday (UTC) on September 15.
