Key Takeaways
Cloudflare just released its 2025 Year in Review, and it basically confirmed what hosts already know: The internet is getting harder to run with.
Ask any hosting provider how the past year felt, they’ll tell you they’re seeing the same issues across traffic, bots, AI, and security. 2025 was the year hosting infrastructure was constantly being asked to sustain pressure from crawlers, agents, and humans at the same time without any sort of predictable behavior to accompany it.
The good news is I’ve already parsed through the most relevant Cloudflare stats for hosting providers so they know what they should keep an eye on into the new year.
1. The Internet Is a Certified Mix of Humans and Machines
Global internet traffic grew by 19% this year, but it wasn’t necessarily because more people were joining the great World Wide Web.
It was mainly caused by bots and automated systems that were tirelessly deployed to crawl and index — all in the name of serving user inquiries and training LLMs. It’s yet another reminder that hosts need to make sure their architecture is clean enough for LLMs to chunk.

But it also means that sites have looked busier…just without the guaranteed follow-through of gaining customers, conversions, or revenue. And it still means this traffic is consuming loads more CPU, memory, and bandwidth.
Cloudflare also tracked a major increase in what it calls AI “user action,” which are requests that look like typical human behavior (scrolling, clicking, browsing), but are actually a bot. That kind of activity is up more than 15-fold, with Googlebot alone generating more HTML requests than many other crawlers combined.
Some site owners are trying to slow that down with robots.txt, which is nowadays the site owners’ best-effort request to decide which parts of their sites crawlers can access. But since it’s just a suggestion — not a requirement they have to abide by — bots can choose to either follow or ignore the protocol entirely. Either way, CPU, memory, and bandwidth patterns are going to change.
Classic human growth patterns are also changing because of this automated activity. Typical human behavior has shown patterns where there’s usually more traffic on weekdays and less on weekends with spikes in the morning and evening.
But AI agents don’t sleep or take vacations, so the predictable traffic curves we’re used to seeing are flattening out. This means that network usage, CPU, and memory are going to be tested to their limits — infrastructure is going to have to be ready all the time and not just rely on down hours to save on costs. Shared hosting, in particular, is going to have to deal with this head-on.
None of this is to say that it’s all bots. Starlink’s satellite internet traffic also doubled in places where it launched in rural regions like Armenia, Niger, Sri Lanka, and Sint Maarten. Thousands of people are now joining the masses in streaming, browsing, messaging, and perhaps soon, even working remotely.
2. The Internet Is Still a Fragile Web of a Network
This year, Cloudflare says it logged hundreds of internet outages. That may come as no surprise, but what is interesting is that nearly half of the 174 major outages tracked weren’t caused by technical issues at all — but were ordered by governments.
Iraq, Syria, and Sudan repeatedly cut internet access during academic exam periods to prevent cheating. Others, like Libya and Tanzania, enacted shutdowns in response to civil unrest. In Afghanistan, the Taliban ordered fiber connectivity shut down across multiple provinces.
Of course, there were actual physical infrastructure issues, too. Both submarine and land cable issues were aplenty, disrupting connectivity across the U.S., South Africa, Haiti, Pakistan, and Hong Kong. Acts of nature, like wildfires and hurricanes, also occured in Egypt and Jamaica this year, knocking thousands offline for days to weeks.
These instances may not affect everyone, but they should remind us that the internet isn’t an even playing field. It’s more like a patched-together puzzle that fails and succeeds. No matter the reason, though, the end user will always blame their provider. Global hosts need to triple-check their multiregion strategies and offer clear communication if and when things go down.
Cloudflare also found that many of these incidents aren’t full-on outages at all. They’re mostly brief disruptions — or what it calls “gray failures.” Sites technically work, but a payment may not go through or a page won’t load. Whatever it is, end users get confused (and will complain).
OK, time for some good news: Which hosts can claim bragging rights over speed? Data points to Spain, Hungary, Portugal, Chile, South Korea, Brazil, Denmark, Israel, Romania, and France as recording the fastest average download speeds this year.
3. Attacks Are More Sophisticated and Faster
This year saw record-setting DDoS attacks, and they were mainly concentrated at the network layer. Layer 3/4 is the easiest place to cause the most damage with the least amount of effort. And boy, do attackers know it.
Cloudflare blocked hundreds of massive DDoS attacks this year, with spikes happening from summer onward:
- In August, a 10 Tbps attack came and went
- September followed with a 10 Tbps and then 20 Tbps attack
- More attacks peaked at 29.7 Tbps in October and reached 31.4 Tbps in November
It’s no surprise, then, that Cloudflare flagged about 6% of all traffic as potentially malicious.
Email, surprisingly, still fits into the same picture, even if it rarely gets treated that way. Email is quite often bundled with hosting, so even when it’s not the main product, customers expect it to work. It’s also the perfect gateway into an entire network.
Cloudflare found that more than 5% of emails were malicious in 2025, with many coming from newly created or misleading TLDs like .christmas or .lol. Deceptive links, identity spoofing, and brand impersonation were the most common types of attacks, including messages that look legitimate at a glance, until a closer look reveals something like “@rnicrosoft.com”:
Look closely! Instead of “@microsoft.com.”
Here’s to 2026
Admittedly, nothing in Cloudflare’s 2025 report is especially surprising on its own. But it does confirm what the industry has been suggesting all year: that hosting has been asked to carry more weight, all the time.
If you want to go deeper, Cloudflare’s Year in Review microsite lets you explore the data by country or region so it’s easier to see which trends actually matter for certain markets heading into 2026.
