Live incident — 164 civic domains taken offline simultaneously · April 3, 2026 · Cloudflare Case #02055919 open and unanswered
ERROR 1027 — PLAN LIMIT REACHED

You hit the
wall.
Cloudflare
owns your site.

Cloudflare sits between 21% of the entire internet and its visitors. Built on a government intelligence sale. Embedded in the Council on Foreign Relations. Controlling DNS for every .gov domain. And when they want you offline — payment blocked, support silent, sites down — you find out exactly how much you own.

Get Your Exit Plan → Read the Evidence
Websites controlled
21%
of the entire internet
US Gov agencies served
40+
including all .gov DNS
Domains taken offline
164
April 3, 2026 · no notice
Payment methods blocked
4
3 credit cards + PayPal
April 3, 2026 · Live Incident

The incident on record

This is a documented, timestamped event — not a complaint. Every item below is evidenced by email headers, support ticket numbers, and browser screenshots with UTC timestamps. The record is open.
April 3, 2026 · 05:02 UTC
Warning email received
Cloudflare sends automated notification: account at 90% of daily Workers request limit (100,000 req/day). Limit resets April 4 at 00:00 UTC. Standard warning; no action required.
April 3, 2026 · Morning
Payment attempted — 10+ times across 4 methods
Three credit cards and PayPal, more than ten separate payment attempts. Each rejected with "An unexpected error occurred while processing your payment." No explanation, no error code, no path to resolution.
April 3, 2026 · 10:05 UTC
Support ticket filed — Case #02055919
Ticket opened: "I have tried 4 payment methods. I am unable to submit payment for Workers due to this ongoing issue despite more than 10 attempts." Cloudflare sends auto-acknowledgment. No human response follows.
April 3, 2026 · 17:45–17:53 UTC
All 164 domains taken offline — no notification
Error 1027 begins appearing across all domains simultaneously. "This website has been temporarily rate limited." Zero email notification sent. Zero update to Case #02055919. The company that emails at 90% goes silent at 100% — while a billing support ticket sits open.
April 3, 2026 · 11:45 PT (ongoing)
Sites remain down · No response · Payment still blocked
Three facts remain true simultaneously: every site is offline, payment cannot be submitted, and Cloudflare has not responded to the support ticket they confirmed receiving.
Cloudflare billing error — 'An unexpected error occurred while processing your payment' — April 3, 2026
EXHIBIT A — Cloudflare billing portal · April 3, 2026 · PayPal rejected alongside 3 credit cards · Case #02055919
01

The payment paradox

Cloudflare blocked their own payment gateway across four separate payment methods while simultaneously enforcing limits that require payment to resolve. The customer is trapped in a loop with no exit path.

02

Selective notification

Cloudflare sent an automated email at 90% of limit. They sent nothing when they crossed 100% and terminated all traffic. A company that emails at 90% and goes silent at 100% is making a deliberate choice.

03

No due process

164 domains — representing a civic infrastructure network for greater Seattle — taken offline in a single automated action. No warning. No grace period. No appeal path. No human on record.

"A website is speech. It is not a bomb." — Matthew Prince, Cloudflare CEO, 2012 (on not taking down websites)
The Operator

Matthew Prince — the documented affiliations

Origin: Built on a government intelligence sale

Project Honey Pot — Prince's pre-Cloudflare surveillance network tracking malicious IP addresses — was sold to the U.S. Department of Homeland Security in 2008. The DHS asked: "Do you have any idea how valuable the data you have is?" That transaction became the founding thesis of Cloudflare.

The company was not born of market demand. It was born of intelligence validation.

The affiliation stack

Council on Foreign Relations
Member — Prince personally. Also: Chief Legal Officer Doug Kramer (lifetime member, former Obama White House Staff Secretary and Deputy Assistant to the President).
World Economic Forum
Technology Pioneer designation. Regular Davos participant and speaker.
CISA / U.S. Government
$7.2M contract to control authoritative DNS for the entire .gov top-level domain. 40+ federal agencies served. Protective DNS resolver for all Federal Civilian Executive Branch agencies.
Institutional Holders
Vanguard, BlackRock, Fidelity, T. Rowe Price, State Street — the standard constellation of permanent capital. Prince retains operational control through super-voting Class B shares regardless.

The gate, documented

Cloudflare now intermediates between the open internet and 21% of all websites globally. It controls the DNS that routes every .gov domain. It holds intelligence-sharing agreements with the federal government that make it the conduit through which state threat intelligence flows into the private sector.

Prince's own words on the government partnership: "threat intelligence that was previously exclusively the government's" now flows through Cloudflare to the private sector. He is the intermediary.

# The founding sequence
2004 → Build surveillance network (Project HoneyPot)
2008 → Sell intelligence to DHS
2009 → Found Cloudflare on that validation
2010 → Launch publicly at TechCrunch Disrupt
2019 → IPO at $15/share; dual-class voting locked
2021 → CISA contract: protective DNS for all FCEB
2023 → Win .gov TLD registry contract ($7.2M)
2026 → Controls 21% of internet · 40+ fed agencies
# April 3: 164 civic domains offline, no notice
Note: This pattern was publicly identified and documented in 2019 — seven years before today's event. The analysis is not reactive. It is confirmed.
The Pattern

An old playbook, recycled for the digital age

Three instances. Three thousand years. The moves are identical: consolidate the archive, gate the access, destroy or weaponize on cue. Every iteration presents itself as preservation.

Library of Alexandria — aerial reconstruction
~300 BCE — Egypt

Library of Alexandria

Ptolemaic project. Every ship entering Alexandria's harbor had its books confiscated, copied, and returned — originals kept. The stated mission: universal preservation. The operational reality: monopoly on the authoritative text. The burning came later, after dependency was established.

Thomas Prince, American historian and librarian, 1750
1718–1758 CE — Boston

Thomas Prince Library

Puritan minister at Old South Church. Built the second largest collection of Americana in the colonies. A champion of the Great Awakening. When the British occupied Boston, they used his church as a riding school. Some volumes destroyed. The archive — assembled to preserve — became a casualty of the occupation it had not anticipated.

Library of Alexandria interior — scrolls and scholars
2009–Present — Global

Cloudflare

Built on a DHS intelligence sale. Positioned as free, fast, protective infrastructure. Drew in 21% of the internet by making itself indispensable. Now controls .gov DNS, holds CFR membership in both CEO and CLO seats, and intermediates government intelligence into the private sector. When the gate closes — it closes without notice, without appeal, and without refund.

The pattern is not the conspiracy. The pattern is the architecture. Consolidation is the service. The gate is the product. The burning is the feature — deployed when needed.
The Cookbook

Your sovereign stack — step by step

The migration is not complex. It has been executed at scale — 164 domains in a single day — using the tools below. All open. All documented. All yours.

What you're leaving
Cloudflare Workers
Routing logic that can be switched off without notice. Free plan: 100k req/day hard limit. Payment gateway broken by design.
Cloudflare DNS (as compute dependency)
Free DNS is fine in isolation. The trap is routing business logic through Workers attached to it.
Any single-vendor critical path
If one company can take you offline without a phone call, you are not sovereign.
What you're building
Replit — Development & Deployment
Your build environment. The migration cookbook lives here. Rapid iteration, full control of routing logic.
Fly.io — Routing & Compute
Your routing script handles all traffic by Host header. Shared machine, no per-domain cost. Already live.
Bunny DNS — Authoritative DNS
Fast global anycast DNS. Clean REST API — create zones, add A records, and bulk-migrate all domains with a script. NS: kiki.bunny.net / coco.bunny.net.
Porkbun — Domain Registration
Nameserver updates scriptable via API. Point to Hetzner nameservers. Bulk update available.
NetSentinel — Attack Filtering
Drop-in Node.js middleware. Detects 22 attack signatures. RIPE NCC abuse contact lookup. Federated network. No Cloudflare dependency.

The migration sequence

# Phase 1: Deploy routing layer — do this once for all domains
1. Create Fly.io app (free tier, shared machine)
2. Deploy routing script — reads Host: header, proxies to your platform
3. Add health check endpoint to proxy (/health returns 200 JSON)
4. Set autostop = "suspend" — 2s resume vs 30s cold boot
5. Create second machine in a second region (East Coast + West Coast)
6. Note Fly.io shared IP address

# Phase 2: Canary domain first — validate end-to-end
7. Create Bunny DNS zone for first domain (API call)
8. Add A record → Fly.io IP
9. Update Porkbun nameservers → kiki.bunny.net / coco.bunny.net
10. Wait 15–30 min, verify TLS + site loads cleanly
11. Confirm: no Cloudflare in response headers

# Phase 3: Batch the rest — scriptable at ~30s/domain
12. Script Bunny DNS zone creation via API for all remaining domains
13. Script Porkbun nameserver updates via API (bulk endpoint available)
14. Run status checker — domains turn green when DNS propagates

# If the proxy goes silent: one-line recovery (no CLI tools required)
# curl -X POST https://api.machines.dev/v1/apps/APP/machines/ID/restart
# -H "Authorization: Bearer $FLY_IO_TOKEN"

# Total cost after migration: ~$0.01/month (Bunny DNS free, Fly shared machine)
# Time to migrate 164 domains after canary: < 4 hours with scripts
The health check is not optional. Without it, Fly.io cannot detect when your proxy enters a broken state and will not auto-restart it. A machine that looks "started" can silently stop routing traffic. The health check is what converts a human-dependent recovery into an automatic one.
Submit Your Cloudflare Incident →
Community Record

Submit your Cloudflare incident

If you've experienced unexplained service termination, payment blocking, or unresponsive support from Cloudflare, your experience belongs in the public record. All submissions are reviewed and may be published on this site.

About NoFlare.org

Built the day they took
164 sites offline

This site was conceived on April 3, 2026 — the same day Cloudflare simultaneously took down 164 civic infrastructure domains, blocked payment across 4 methods, and left a support ticket unanswered. It is maintained by operators who have lived the dependency and built the exit. The migration tools are proven in production. The record is open. The exit is free.

Start Your Migration → Submit an Incident