Links & invites
Block URLs, Discord invites, and link shorteners — or whitelist only the domains you trust.
When you'd use it
- Stop members posting random URLs (allow-only mode)
- Block known scam-host domains (deny mode)
- Stop drive-by
discord.gg/badserverself-promo - Catch shortened URLs (
bit.ly,t.co, etc.) that obscure their real destination
Settings
| Setting | What it does |
|---|---|
| Block Discord invites | Matches discord.gg/xyz and discord.com/invite/xyz regardless of the domains list. |
| Block link shorteners | A built-in list of common shorteners (bit.ly, tinyurl, t.co, goo.gl, ow.ly, buff.ly, is.gd, shorturl.at). Triggers independently of your custom list. |
| Mode | deny — list contains domains to BLOCK. allow_only — list contains the ONLY domains that may be posted. |
| Domains | One per row. Up to 500. Use bare hostnames (example.com, discord.com). |
Tips
- Start in deny mode. Allow-only mode is strict and tends to surprise members; only flip it on for high-security servers.
- Specifying
example.comcoverswww.example.combut not subdomains. Addnews.example.comseparately if you want to allow that one too. - The shortener list is built-in; you can't customize which shorteners count. If you need granular control, leave Block shorteners off and add specific domains to your deny list.
- Discord invites have their own toggle — you don't need to add
discord.ggto your domain list. The dedicated check is faster and catches every invite-link format.
Common patterns
| Use case | Setup |
|---|---|
| Stop self-promo | Block Discord invites ON + actions: delete + warn |
| High-trust server | Allow-only mode + domain list: github.com, your-company.com, docs.your-company.com |
| Anti-scam | Deny mode + add common phishing hosts as you find them |
| Just kill spam | Block shorteners ON + actions: delete |
Limits
- 500 domains per rule
- 6 actions per rule
Behaviour
- Detected URL = anything starting with
http://orhttps://. - The hostname is checked against your list both as-is and as the base domain (last two segments). So
bad.example.commatches an entry forexample.com. - Discord invite check uses a separate regex; bypasses the domain list entirely.
- A single message containing multiple URLs records one hit per URL (so spammers who post 5 scam links get 5 entries in the audit log).
Related pages
- Automod overview
- Security → Anti-Scam — image-based scam detection for screenshots
- Cases & warnings — what
warnactions produce