Russia’s throttling of Cloudflare makes sites inaccessible

Starting June 9, 2025, Russian internet service providers (ISPs) began throttling access to websites and services protected by Cloudflare, making sites inaccessible from the country.

The throttling is so aggressive, reportedly only allowing users to download the first 16 KB of any web asset, that it effectively breaks most Cloudflare-backed sites for Russian netizens.

Cloudflare maintains that it has not received formal communication about this from the Russian state but considers this action part of the country’s broader strategy to oust Western tech firms from the domestic market.

The internet company states that it is in no position to remediate the situation, as the throttling is outside its control, and there are no effective workarounds or mitigations to address the access problems it causes.

"As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control, and we are unable, at this time, to restore reliable, high-performance access to Cloudflare products and protected websites for Russian users in a lawful manner," stated Cloudflare.

According to reports, the same type of throttling affects other Western internet service providers, including Hetzner (Germany), DigitalOcean (US), and OVH (France).

"One primary goal is to combat the tools used to circumvent state censorship. Hetzner and DigitalOcean are widely used by Russians to host private VPN servers, which allow them to bypass the Kremlin's ever-widening blocklists," reported MediaZona earlier this month.

"Cloudflare's infrastructure is similarly used by established anti-censorship services like Psiphon. By degrading these core providers, the state can disrupt the ecosystem of circumvention tools without having to block each one individually."

From a technical perspective, Cloudflare believes that Russian ISPs, including Rostelecom, Megafon, Vimpelcom, MTS, and MGTS, employ multiple throttling and blocking mechanisms against them, including packet injection and packet blocking, which cause timeouts.

The throttling works even when connection requests reach servers located outside of Russia and affects all connection methods and protocols, including HTTP/1.1 and HTTP/2 on TCP and TLS, as well as HTTP/3 on QUIC.

Being unable to restore access, Cloudflare urges site operators in Russia to lobby local entities to lift restrictions.

Meanwhile, Russian digital rights and online privacy observatory Roskomsvoboda reports massive waves of mobile internet restrictions impacting over 30 regions in the country.

While many of these actions were previously justified as measures to protect against drone attacks near the Ukrainian border, the number of regions impacted by internet access restrictions has recently grown rapidly, according to Roskomsvoboda, now including locations far from the front line.