# How to Avoid Premature Domain Blocking and Warning Signs

Here you’ll find recommendations on domain selection, basic protection, configuration, and website design that help reduce the risk of your domain being quickly blocked or flagged by anti-phishing and anti-spam services.

***

#### Choosing the future domain name

**Expired domains (highly recommended)**

The best domains are those that previously left a positive footprint on the Internet.

For that there is a dedicated service — [ExpiredDomains](https://www.expireddomains.net/).

It shows domains with history (expired) that most likely were used for legitimate services and have a positive reputation.

We are interested in domains with an initial registration date at least 1 year ago, preferably 3–5.

Immediately check domains for clean past usage via the [Wayback Machine](https://web.archive.org). Also check other spam lists and look for reputation marks.

**Name recommendations**

The domain should be as short as possible to inspire more trust.

The most effective and long-living approach is to use a phishing-style domain without occurrences of the original keyword and without keywords such as “verification”, “security”, “bank”, “google”, “paypal”, “coinbase”, “chase”, “credit”, “amazon”, “fedex”, etc. Newly registered domains containing top brand names, banks and payment systems are banned by anti-phishing bots very quickly.

Choose a neutral name and route traffic through a subdomain — for example, run all traffic through airdrop.example.com while example.com hosts an endless loading page or any other “white” page. Automated phishing detection systems will not find our site quickly, so using subdomains is very important.

#### Aging

It is extremely important to let a freshly registered domain “age” after purchase. Spend at least 7–14 days so it is no longer considered new. This also strongly affects scanning by anti-phishing services.

***

### Domain protection

The foundation — the most effective methods of protecting an already purchased domain.

#### Bot filtering, SSL, captcha

We strongly recommend issuing a certificate on the server itself rather than using a universal one from Cloudflare — this is much safer and preferred by search engines and anti-phishing services. [Detailed guide to installing SSL on a server with Nginx or Apache](https://safedomains.gitbook.io/safedomains-wiki/informaciya/ustanovka-ssl-sertifikata-lets-encrypt-na-server-s-nginx-ili-apache).

Regarding domain settings in Cloudflare itself — when buying a domain in [SafeDomains](https://t.me/safedomainsbot) everything is already configured: by default all known bots are blocked + basic bot and DDoS protection is enabled, however there is no captcha. If you still need it — go to Cloudflare settings directly in the bot and set DDoS Mode — *Under Attack*.

**If purchased elsewhere**

1. Adding the domain
   1. In Cloudflare click *Add site* and enter the domain.
   2. Cloudflare will issue a set of nameservers — replace your registrar’s current nameservers with those provided by Cloudflare.
   3. Wait for DNS propagation — usually 10–30 minutes, sometimes up to 24 hours depending on the registrar.
2. SSL/TLS — enable secure mode
   * Go to *SSL/TLS → Overview*.
   * Set the mode to Full (Strict) only if a valid SSL certificate is installed on your server (Let’s Encrypt or Cloudflare Origin).
   * Full (Strict) provides authentication checks and end-to-end encryption.
   * Enable *Always Use HTTPS* — all HTTP requests will be automatically redirected to HTTPS.

     If you cannot issue a certificate on the server, leave the *Flexible* mode.
3. Basic protection against bots and automated traffic
   * Open *Security → Bots* and enable *Bot Fight Mode*.
   * Go to *Security → WAF → Managed Rules / Custom Rules*.
   * Create rules to block traffic from known data centers (ASN) — for example: AWS, Hetzner, OVH, etc.

#### GEO filtering

For some reason people working with one or several countries forget to create a whitelist for target countries and block everything else — and this is a mistake! 🦆🔪

Everything is done very simply. For example, if your traffic is targeted to Germany or the landing is intended exclusively for Germany (e.g., *kleinanzeigen*), then we block everything except DE.

Country codes can be found [here](https://www.borovic.ru/codes.html).

This is also configured in Cloudflare, section *Security → Security Rules*, specifically the *Block requests by geographical location* template.

#### Cloaking

Of all the options on the market the best is Adspect at $499–999 per month. Expensive, but works best. The ML model is trained on data from all clients and updated weekly. It blocks all checking systems — Google Safe Browsing, VirusTotal, Kaspersky, Brandverity. Protection against spy services — adplexity, adclarity, adspy. + tcp/ip and ssl/tls fingerprinting — this is tracked and is incredibly important.

***

### Site design

Even with the best cloaking and an aged domain a site will be blocked if you use template landing pages or copy others.

#### Code obfuscation

Our main task here is to maximize uniqueness of the site code. The code must be made as indistinguishable as possible; main methods:

* Change all classes/ids in HTML/CSS of a ready-made landing page to random ones.
* Change the HTML structure: move various blocks around, add extra wrappers.
* Obfuscate JS via javascript-obfuscator with aggressive mode — rename variables, split strings, inject dead code.
* Block DevTools and Ctrl+U via event listeners.
* Make image fingerprints unique and remove their metadata by running through various photo editors. Change photo quality and pixel dimensions.

  Again, there are no exact specifics — you need to test and verify that functionality remains. Also change variable names, file names, scripts. In general, completely redo the structure while preserving functionality.

  Reminder: you can hide suspicious words using CSS insertion:

```
.transfer::before {
  content: "Air";
}
.transfer::after {
  content: "Drop";
}
```

#### Color randomization

This is a basic and obvious technique, but it has its place here. 🦆❤️

Create a JS script and put it in \<head>:

```
<script src="/script_name.js"></script>
```

Example:

```
const angle = Math.floor(Math.random() * 10) + 1;
document.documentElement.style.setProperty('filter', `hue-rotate(${angle}deg)`);
```

#### Do not infringe copyrights

If a logo stolen from a company is used on the site somewhere — better remove or completely redo it, because in my experience this is one of the most common triggers for complaints.

***


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://safedomains.gitbook.io/safedomains-wiki/english/information/interactive-blocks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.