Russia Begins Systematic Blocking of Cloudflare, Throttling Internet Access to 16KB

In March 2025, Russia conducted preliminary tests in select regions to sever connections to Cloudflare, aiming to evaluate the potential ramifications of such an action. Cloudflare, a critical infrastructure provider offering CDN acceleration and DDoS protection to a vast number of global websites, is also widely utilized by numerous Russian domains.

These tests served as an implicit warning to site operators: continued reliance on Cloudflare could lead to service disruptions once full access is terminated. That warning became reality on June 9, 2025, when Russia officially commenced the systematic blocking of Cloudflare.

From that date forward, Russian internet service providers (ISPs) began deploying technical methods to hinder access to websites hosted by Cloudflare. Specifically, when users attempt to connect, ISPs allow only the initial 16KB of data to be downloaded, after which the connection is completely severed.

The restrictions extend beyond Cloudflare. Infrastructure belonging to prominent hosting providers — including Germany’s Hetzner, France’s OVH, and the U.S.-based DigitalOcean — has likewise been targeted. Network ranges associated with these services have been blocked, rendering them inaccessible.

In an official statement, Cloudflare acknowledged:

“As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control and we are unable, at this time, to restore reliable, high performance access to Cloudflare products and protected websites for Russian users in a lawful manner… Cloudflare has not received any formal outreach or communication from Russian government entities about the motivation for such an action.”

On the technical front, Cloudflare’s analysis suggests that Russian ISPs — including Rostelecom, Megafon, Vimpelcom, MTS, and MGTS — are employing a variety of techniques such as packet injection and blocking, leading to connection timeouts.

Even connections routed to servers located outside of Russia are subject to these constraints. Affected protocols include HTTP/1.1 and HTTP/2 over TCP and TLS, as well as HTTP/3 based on the QUIC protocol.

Related Posts:

• Android 15 Mandates 16KB Memory Pages for New Google Play Apps
• Windows 11 24H2 Update Alert: Microsoft Pulls & Reissues June 2025 Patch Due to Compatibility Issues
• Cloudflare Pulls the Plug on HTTP: API Now HTTPS-Only
• Massive Cyber Campaign Exploits 4,000 ISP IPs in the U.S. and China for Credential Theft and Cryptojacking
• Cloudflare to push the new public DNS service, 1.1.1.1

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy