At Prater Raines we’ve provided campaigning websites for more than 20 years. Our role as provider of choice to every Liberal Democrat local or regional party in the country means that we’ve registered over a thousand domain names.
During our recent launch of the party’s new federated website platform Fleet we noticed something unusual when we were asked to register some domains containing hyphens for new customers. We were seeing warnings that the sites might not be legitimate.
When do you see a warning?
- For the popup to appear, your domain name must end in a well-known website address such as, in this case, libdems.org.uk. Our customers with domains ending libdems.org (without the .uk) don’t generate the warning, because the main Lib Dem website isn’t hosted there.
- The domain name must contain a hyphen immediately before the well-known address, for example anywhere-libdems.org.uk. There’s no popup for anywherelibdems.org.uk, without the hyphen. Initially I thought this might be something to do with Internationalized Domain Names but I’m no longer convinced. It’s most likely just reflecting the way we scan words when we’re in a rush.
- It’s specifically hyphens which cause the alert. anywhere.libdems.org.uk and anywhere2libdems.org.uk are also fine. Other characters which are allowed in domain names, such as underscores, but not in host names also do not trigger the warning, but aren’t hugely useful because you can’t use them for your website address.
- It makes no difference where you host the website or what the content looks like. There’s no clever “this looks a bit like the official website, it must be a scam” logic going on, but there’s also sadly no “this is hosted on the same server addresses as the official website, it must be official” logic either.
Where does the message appear?
At the moment you only see the warning in recent versions of Google Chrome. It doesn’t seem to be an issue with Safari, Edge, Opera or Firefox. But Chrome counts for 65% of global traffic. It’s a bit less in our case, but still getting on for half of our visitors and Edge and Opera are both built on Chromium, so it’s possible we may see it there in future.
It looks like the notification was first added to Chrome a little over four years ago as a considerably less intrusive optional feature and has become more prominent in recent months.
What we recommend doing about it
There doesn’t seem to be any way of disabling the warning on a site-by-site basis. If it was possible to disable it ourselves, I guess it would render the feature kind of useless. It also isn’t (any longer) an option that the viewer could disable in their Chrome settings, although the fact that it’s enabled by default would make this an impractical solution anyway.
The sites are listed as safe in Google’s safe browsing database, so there doesn’t seem to be any appropriate way of flagging the mistaken warning up to Google.
All of which sadly means the only recommendation we can make is that you do not use a hyphen in your domain name. Even if there’s no warning triggered right now, all it takes is for someone to build a website at example.com, and your my-cool-example.com website is going to look less trustworthy to customers overnight.
If you’ve already got a domain name with a hyphen in it, we strongly recommend registering a fresh domain without the hyphen and redirecting to the new domain. Don’t ditch the old domain, though, as existing bookmarks and search results will take time to update. We sell domains from as little as £6.25 a year.
If your company or organisation name is a little long or difficult to read, remember that domain names are case insensitive so you can always use intercapitalisation on printed material to make AnywhereLibdems.org.uk easier to read.