On November 18, 2025, starting at 11:20 AM UTC (approximately 08:20 AM in Chile, GMT-3), Cloudflare experienced a significant three-hour outage that affected the availability of numerous services and websites. The root cause was an internal configuration error, specifically a database permission change that caused the Bot Management system to generate and distribute a defective and oversized configuration file across the entire global network.
Root Cause
The oversized configuration file was loaded by the proxy software that handles traffic. The newer version (FL2) of this software completely failed when attempting to process the defective file. This crash generated the HTTP 5xx errors (server down) experienced by affected users. The Cloudflare team resolved the issue by identifying and halting the propagation of the defective file, and deploying a stable configuration version.
Impact Disparity (Why the Failure Was Not Universal)
The incident's impact depended on the version of the proxy software serving each customer at the time of the failure:
Failing Customers (5xx Errors): They were managed by the newer version (FL2) of the proxy. This software was stricter with size limits and immediately crashed (entered into panic) upon encountering the defective configuration file.
Non-Failing Customers (Continuous Traffic): They were managed by the older version (FL) of the proxy. This software proved to be more resilient; although the bot configuration module failed to load, the main proxy did not crash, allowing web traffic to continue flowing without interruption.
Impact on Modyo
Modyo extensively uses Cloudflare services to accelerate and secure the traffic of its Cloud and Enterprise Cloud customers. The fact that no impact was registered due to the complete interruption (HTTP 5xx errors) during this event indicates that Modyo's traffic was, at that time, managed by the older version (FL) of the Cloudflare proxy. This software version proved immune to the fatal failure that affected the newer one, ensuring the continuity of Modyo’s service while other customers experienced outages.
During the incident, we worked closely with affected clients, looking for direct traffic redirection mechanisms, which proved to be an effective measure in the cases where it was successfully applied.
It is also worth noting that for resilience purposes, Modyo does not use Cloudflare's DNS services. This allows traffic to be redirected to contingency providers without needing to access the Cloudflare administration panel, which was also affected.
Regards,
José Antonio Silva
CTO, Modyo