Cloudflare Down Again – and DownDetector Is Also Down

Hacker News Discussion ↗

Meta “downdetector” jokes and skepticism

  • Thread plays heavily with recursive “downdetectorsdowndetector…” domains; one analysis finds at least one such site just fakes statuses with random / hardcoded “up” values.
  • Others in the chain appear to be real, serving embedded HTML or JSON from a backend.
  • Several commenters criticize reliance on Downdetector by media, calling it “slop,” while others note it’s still occasionally useful.
  • Jokes about “downdetectors all the way down,” quorum-based down detectors, and CAP theorem limitations.

Outage scope and visible effects

  • Multiple services reported as impacted: LinkedIn, Shopify, Crunchyroll, Claude, and Downdetector itself.
  • People mention losing ~30 minutes of work, but note that multiplied across users this becomes substantial.
  • Some highlight that self-hosted services not fronted by Cloudflare stayed up, though many “self-hosted” setups actually sit behind Cloudflare.

Root cause, tech stack, and practice critiques

  • Status page says a WAF parsing change to mitigate a React Server Components vulnerability took the network down; a prior hotfix existed but a “proper fix” pushed that morning failed.
  • Commenters question why this was not a canary / phased rollout, given high-value customers (e.g., large e-commerce, LLM providers) were all hit at once.
  • Debate over blaming React/RSC/JS/Rust vs. acknowledging complex system interactions and deployment processes.
  • Prior Rust-related outage (panic via unwrap) is cited both as evidence Rust isn’t a magic bullet and as an example of programmer error rather than language failure.

Centralization and Cloudflare dependency

  • Many see this as evidence the web is over-centralized; some argue small sites shouldn’t hide behind Cloudflare unless they truly need DDoS protection.
  • Others point out Cloudflare’s popularity stems from free plans, IPv6 fronting, and easy exposure of local services, not just DDoS.
  • A longer analysis frames Cloudflare dominance as billing psychology: flat-rate “insurance” vs. hyperscalers’ usage-based network pricing.
  • Suggested stance: tiny projects and truly attack-prone giants may reasonably use Cloudflare; mid-sized SaaS and businesses could often rely on their cloud provider’s native protections and reduce moving parts.

Operations, staffing, and redundancy

  • Arguments that more outages follow cost-cutting and loss of experienced staff; others say outages also happened under the “old guard.”
  • Strong criticism of Friday / pre-weekend deployments and “fail fast” culture when rollbacks and tests are imperfect.
  • Ideas for resilience include multiple nameserver providers and self-hosted backups, but several note this quickly adds complexity; for many, occasional downtime may be more pragmatic.