Cloudflare has revealed the cause of the major internet outage that disrupted access to several websites worldwide on Tuesday, describing it as the company’s most significant service failure in more than five years.
Matthew Prince, the co-founder and chief executive, explained that a flawed internal update triggered the hours-long disruption that slowed or shut down websites across multiple countries, including Nigeria.
The service breakdown affected numerous Nigerian news platforms and e-commerce websites that rely on Cloudflare’s infrastructure. Users reported difficulty loading pages and accessing online services throughout the morning as the effects of the outage spread across Cloudflare’s global network.
The News Chronicle learned that several local businesses also experienced stalled transactions and delayed customer responses as their platforms struggled to reconnect.
According to Cloudflare, the disruption began after an internal modification to database permissions linked to its Bot Management system produced unexpected results. The company stated that the change caused the database to create duplicate entries in a feature file essential to how Cloudflare filters automated traffic. The file then doubled in size and was automatically pushed across Cloudflare’s network of servers.
When systems attempted to read the oversized file, the software responsible for directing global traffic began to fail. Cloudflare initially suspected a large-scale cyberattack but later confirmed that the incident had no connection to malicious activity, artificial intelligence tools or DNS faults. Engineers eventually halted the rollout of the problematic file and replaced it with a previous version, allowing traffic to begin stabilising by early afternoon.
The outage caused widespread disruptions for major global platforms including X, ChatGPT and Downdetector. Services that depended heavily on Cloudflare’s bot-scoring technology were hit hardest, often blocking legitimate users while systems malfunctioned.
Cloudflare has announced a set of immediate corrective actions, which include improving how internal configuration files are validated, expanding emergency shutdown options for features, preventing diagnostic reports from overwhelming system resources and assessing potential failure points across its core infrastructure.
The company acknowledged that as more of the internet relies on a small number of infrastructure providers, outages of this scale may become increasingly difficult to prevent.
