When 25 minutes of downtime can mean seven-figure revenue losses

Friday morning, 5 December 2025. Once again, thousands of websites worldwide display nothing but "500 Internal Server Error". Once again, Cloudflare is the culprit. And once again – just as on 18 November – it catches businesses completely unprepared.

The latest outage lasted officially about 25 minutes, but affected around 28% of all HTTP traffic that Cloudflare processes. The November outage was significantly more severe: for over four hours, services like ChatGPT, X (formerly Twitter), Discord, PayPal and countless other platforms were unreachable. Cloudflare themselves called it the worst outage since 2019.

For some of my clients, such a "small" outage at the wrong time of day or year can mean seven-figure revenue losses. Black Friday, Christmas shopping, month-end for B2B platforms – you can't plan the timing of a CDN outage.

❓ Why do so many businesses rely on Cloudflare?

Cloudflare's dominance is remarkable. Depending on the source, between 40 and 80 per cent of all websites that use a CDN rely on Cloudflare. In DDoS protection and bot mitigation, the market share is around 80%. This concentration has good reasons.

Cloudflare offers an attractive complete package: DNS management, CDN, DDoS protection, Web Application Firewall (WAF) and SSL certificates – all from one provider, manageable through a single dashboard. The free starter plan makes it a no-brainer for smaller websites. The Pro plan costs 20 USD per month, the Business plan 200 USD. For the services provided, these are competitive prices.

Then there's the technical elegance: you change your nameservers or use CNAME flattening, and Cloudflare sits in front of your entire infrastructure – whether it's running on AWS, Hetzner or a server in your own data centre. Setup takes minutes, not days.

But this very simplicity becomes the problem when the service goes down. Anyone who relies "blindly" on a single provider – no matter how large – takes a calculable risk. The question isn't if, but when the next outage will occur.

📌 Alternative CDN providers overview

Cloudflare isn't the only option. The CDN market offers a range of providers with different strengths, pricing models and – particularly relevant for the DACH region – various approaches to data protection.

Bunny CDN (bunny.net) is a European provider from Slovenia that's particularly suitable for cost-conscious businesses. Costs are 0.01 EUR per GB for Europe and North America, with a minimum of just 1 USD monthly. Bunny operates 119 Points of Presence worldwide and advertises an average global latency of 25 milliseconds. The big advantage for DACH customers: data processing is GDPR-compliant in Europe, significantly reducing legal complexity compared to US providers.

Fastly positions itself as a developer-focused CDN with real-time configuration changes – changes go live in under 200 milliseconds. Control over caching behaviour and edge logic is more extensive than Cloudflare, but also requires more technical expertise. Pricing-wise, Fastly is above Cloudflare, but offers more transparent logging and better API control.

KeyCDN from Switzerland and Hetzner CDN (still in beta) are additional European alternatives for companies that value EU data residency.

AWS CloudFront is interesting for businesses already using AWS. Integration with other AWS services is seamless, SSL certificates via AWS Certificate Manager are free and automatically renewing. However, CloudFront is a pure CDN – DDoS protection (AWS Shield) and WAF cost extra.

💰 Rough cost comparison for a typical online shop or B2B platform

For a mid-market online shop or B2B platform in the DACH region with about 5 TB monthly traffic, approximate costs look like this:

These figures are estimates – actual costs depend heavily on traffic patterns, geographic distribution of users and required additional features.

🔧 Technical safeguards: Four pragmatic failover strategies

Rather than replacing one CDN provider with another, the more resilient approach is technical safeguarding against outages. In consulting projects over recent years, three approaches have proven effective, which I'll present here – differentiated by starting situation.

🎯 Strategy 1: AWS-native solution with Route 53 health checks

Suitable for: Companies with existing AWS infrastructure

This solution uses AWS Route 53 as an intelligent DNS service that automatically reacts to Cloudflare outages. The principle: Route 53 regularly checks (every 10-30 seconds) whether Cloudflare endpoints are reachable. During an outage, DNS automatically switches to alternative infrastructure.

Setup components:

• Route 53 Hosted Zone with health checks
• Primary record points to Cloudflare
• Secondary record points to AWS Application Load Balancer (ALB) or CloudFront
• SSL certificates via AWS Certificate Manager (ACM) – free and automatically renewing

Costs during normal operation:

• Route 53 health checks: approx. 0.50-1.00 EUR per month per endpoint
• ALB in standby: approx. 20-25 EUR/month base costs
• ACM certificates: free
• Total: approx. 25-30 EUR/month

The cheaper variant uses CloudFront instead of an ALB as failover target. CloudFront has no base fee – you only pay for actual traffic. In standby mode, you practically only incur health check costs.

Important: With this solution, you lose the Cloudflare security layer during failover. A CloudFront failover should therefore include AWS WAF to provide comparable DDoS and bot protection.

🔹 Strategy 2: Classic reverse proxy with Apache/Nginx

Suitable for: On-premises situations or companies without AWS

For companies with their own infrastructure or without cloud commitment, a "cold standby" Apache or Nginx reverse proxy on a minimal VPS is the most cost-effective variant.

Setup:

• Inexpensive VPS (Hetzner Cloud CX22 for approx. 4 EUR/month or comparable at Netcup)
• Apache/Nginx with pre-configured VirtualHosts for all domains
• Let's Encrypt certificates obtained in advance and automatically renewed via cron
• Server runs permanently, but minimal costs without traffic

Implementing DNS failover: Instead of expensive managed DNS services, a simple cron job can check every 1-2 minutes whether Cloudflare is reachable. During outages, a script updates DNS records via registrar API. Most registrars offer free APIs for DNS changes.

Costs: approx. 4-8 EUR/month

This solution isn't perfect – DNS propagation takes time despite low TTL, and you lose all Cloudflare features. But for a rare emergency scenario, it's pragmatic and affordable.

🔹 Strategy 3: Static outage page as minimal failsafe

Suitable for: Everyone, as absolute minimal safeguard

The most cost-effective variant shows at least a professional "We'll be right back" page instead of a timeout error during a Cloudflare outage. The psychological difference for customers is considerable.

Setup with AWS:

• Route 53 health check monitors Cloudflare endpoints
• During outages, failover routing switches to S3 static website
• Optional CloudFront in front for HTTPS with custom domain

The outage page itself: A simple HTML page with company logo, message like "We'll be right back", contact options (phone number, email) and possibly link to a status page. No backend needed, purely static.

Costs:

• Route 53 health checks: approx. 0.50-1.00 EUR/month
• S3 bucket with a few HTML/CSS/image files: cents
• CloudFront without traffic: practically free
• Total: under 2 EUR/month

The practical benefit is considerable: instead of "page won't load", customers see a professional message. This reduces support enquiries and preserves trust. As a consulting offering, this is a quick win – low effort, low cost, high perceived value.

🔹 Strategy 4: Pay-as-you-go CDN as warm standby

Suitable for: Companies that need full CDN protection during failover

The most elegant solution is a second CDN provider that costs practically nothing in standby but is immediately ready during failover. Two providers are particularly suitable for this:

Bunny CDN is the price-performance winner here. With 0.01 EUR per GB in Europe and a minimum of just 1 USD per month, standby is practically free. You configure all domains, origins and caching rules in advance – traffic only flows during failover. Bunny also offers "Bunny Shield" as optional DDoS protection, partially replacing Cloudflare's security layer. The European location (Slovenia) is a compliance advantage for DACH customers.

Fastly is the alternative for companies with higher requirements for configurability and real-time logging. Fastly also charges purely usage-based – no traffic means no costs except minimal base fees. The strength lies in the API: configuration changes can be fully automated, so a script can automatically update the Fastly equivalent when changes are made to the Cloudflare setup.

Setup with Route 53:

• Primary record points to Cloudflare
• Secondary record points to Bunny CDN or Fastly
• Route 53 health check monitors Cloudflare endpoints
• Automatic switch to backup CDN during outages

The practical challenge: CDN configuration must be kept synchronised. Caching rules, SSL certificates, origin settings – everything must be identical on both CDNs. When changes are made to the primary, you must maintain the secondary, otherwise the site will behave differently during failover. Both Bunny and Fastly offer APIs that can be used to build a sync script or Terraform module.

Costs during normal operation:

• Route 53 health checks: approx. 0.50-1.00 EUR/month
• Bunny CDN standby: 1 USD/month minimum
• Total: approx. 2-3 EUR/month

During failover, normal traffic costs of the backup CDN apply – with Bunny about 0.01 EUR/GB, with Fastly slightly more. But in an emergency, that's an acceptable price for a full CDN with security features.

📌 Which strategy for whom?

Choosing the right safeguard depends on several factors:

Budget and complexity tolerance: The static outage page (Strategy 3) is feasible for practically everyone and should be considered the minimum. Costs are negligible, effort manageable.

Existing infrastructure: Those already using AWS can set up an elegant, low-maintenance solution with Route 53 and CloudFront/ALB (Strategy 1). Terraform or CloudFormation templates make this reproducible for multiple clients.

Business criticality: For companies where every minute of downtime counts, Strategy 4 (pay-as-you-go CDN as warm standby) is the best choice. With Bunny or Fastly as pre-configured backup, you have a full CDN including security features during failover – not just a static page or bare reverse proxy.

Honest assessment: Cloudflare has perhaps had 2-3 major outages in recent years, each lasting under an hour (the November outage with four hours was the exception). For many companies, the ROI of an elaborate failover system is low – unless you have SLAs with customers guaranteeing 99.9% uptime, or the business model is extremely time-critical.