Understanding Cloudflare's Architecture

Learn More (Whitepaper)

Control Plane

The "Brain"

Dashboard, API, and configuration management. If the Control Plane fails, your traffic still flows normally - you just cannot make configuration changes until it recovers. Learn more →

No bypass needed during Control Plane outages

Data Plane

The "Workhorse"

Edge Anycast Network handling actual traffic. Designed for independent failure - each data center operates autonomously. A regional issue does not cascade globally.

Data Plane issues may require failover actions

Fail Small

Code Orange — Complete

Following global outages in Nov/Dec 2025, Cloudflare completed the "Code Orange: Fail Small" initiative in April 2026 — shipping health-mediated config deployments (Snapstone), fail-stale/open/closed patterns, blast-radius segmentation, and new break-glass procedures across the entire network.

Initiative complete — stronger network, new engineering Codex enforced via AI review
Read the completion post →
Original initiative overview →

Before You Bypass: The Security Trade-off

The critical question: At what point does the security risk of exposing your infrastructure outweigh the cost of downtime?

Risks of Bypassing Cloudflare:

  • Loss of DDoS Protection & WAF - Your origin is exposed to volumetric and application-layer attacks
  • Origin IP Exposure - Once attackers discover your origin IP, they can target it directly in future attacks
  • Edge Logic Breakage - Workers, Rules, Snippets, and caching logic stop functioning

For most scenarios, maximizing native Cloudflare resilience is safer than a manual bypass. Evaluate your specific operational constraints, regulatory requirements, and risk tolerance before proceeding.