Cloudflare sits in front of millions of websites, providing CDN, DDoS protection, and performance optimization. But does it provide uptime monitoring? Sort of. Here’s the full picture.
What Cloudflare Provides
Health Checks (Load Balancing)
Cloudflare Health Checks monitor your origin servers to make load balancing decisions. When an origin fails a health check, Cloudflare routes traffic to a healthy origin.
Important: These are designed for traffic routing, not monitoring. They check whether your origin can serve traffic, not whether users can access your site through Cloudflare.
Analytics
Cloudflare Analytics shows request volume, bandwidth, error rates, and threat data. You can see 5xx error spikes, which might indicate downtime. But analytics are passive, post-hoc data, not real-time monitoring.
Notifications
Cloudflare can send notifications for certain events: DDoS attacks, origin health changes, SSL certificate issues. These are useful but don’t constitute comprehensive uptime monitoring.
Why Cloudflare Can’t Monitor Itself
Here’s the fundamental problem: if Cloudflare has an issue, Cloudflare’s own monitoring tools are affected too.
Real examples:
- A Cloudflare DNS outage means health checks don’t resolve your domain
- A Cloudflare PoP issue means edge analytics show the site as down, but only from certain regions
- A Cloudflare configuration mistake (route, page rule, WAF) can block traffic while the origin is perfectly healthy
You need monitoring from outside Cloudflare to detect:
- Cloudflare-specific outages
- CDN cache serving stale/wrong content
- WAF false positives blocking legitimate users
- DNS resolution issues at Cloudflare’s nameservers
- SSL/TLS configuration problems at the Cloudflare edge
Setting Up External Monitoring
What to Monitor
For Cloudflare-proxied sites, monitor these separately:
| Target | What It Checks | Why |
|---|---|---|
https://yourdomain.com | Full path through Cloudflare | User experience |
| Origin IP directly | Origin health without CDN | Isolate origin vs CDN issues |
| DNS resolution | Cloudflare nameservers working | DNS-level issues |
| SSL certificate | Edge certificate validity | Configuration issues |
Detecting Cloudflare-Specific Issues
Add keyword checks to your monitoring. Verify the response contains expected content, not just a 200 status code. Cloudflare error pages (52x errors) return HTTP 5xx codes, but Cloudflare’s custom error pages look different from your application’s error pages.
Check for:
- Your brand name or specific content in the response body
- Absence of “Cloudflare” error page markers
- Correct
cf-rayheader (confirms the request went through Cloudflare)
Monitoring Cloudflare DNS
If you use Cloudflare as your DNS provider, monitor DNS resolution separately:
- Verify A/AAAA records resolve to expected IPs
- Check resolution time (spike indicates issues)
- Monitor from multiple regions to catch Cloudflare PoP-specific problems
The 100% SLA Myth
Cloudflare’s Business and Enterprise plans come with a “100% uptime SLA.” But read the fine print:
- It covers Cloudflare’s CDN service, not your origin
- If Cloudflare is down but your origin is fine, they owe credits
- You still need monitoring data to prove the outage and claim credits
- The SLA doesn’t cover DNS, Workers, or other Cloudflare products
External monitoring gives you the evidence needed for SLA credit claims.
Recommended Stack for Cloudflare Sites
- Warden (or similar) — External uptime monitoring every 10-30 seconds with keyword verification
- Cloudflare Health Checks — For automatic origin failover (if you have multiple origins)
- Cloudflare Notifications — For DDoS alerts and certificate events
- DNS monitoring — Separate tool to verify Cloudflare DNS resolution
This layered approach catches issues at every level: origin, CDN, DNS, and edge configuration.
Join the Warden waitlist for monitoring that works alongside Cloudflare.
Related tools:
- Uptime Calculator — Understand SLA targets
- SSL Certificate Checker — Verify your Cloudflare SSL configuration