Skip to main content

Security and abuse

Available now

Who this is for

This guide is for users who need to understand why ShortURL applies safety controls and what to do when a link is reviewed, disabled, or considered risky.

The controlling abuse rules are published in the Acceptable Use and Abuse Policy. This help page explains the user workflow and does not replace the legal policy.

Before you start

  • Know which link, QR code, or workspace action triggered the question.
  • Separate technical failure from safety enforcement. They are not the same workflow.
  • Gather enough context to explain the original destination and business purpose.

What to do — Investigate and resolve safety issues

  1. Review the affected link or asset and confirm whether the destination still matches the intended use case.
  2. Check whether the issue is a content mismatch, a policy problem, or a normal disable or expiry event.
  3. If the link now shows a blocked status page instead of redirecting, treat that as a safety enforcement outcome and stop distributing the link until the cause is understood.
  4. Coordinate with the relevant owner, workspace admin, or support contact when you need remediation or a review.
  5. Document the resolution so repeated risky patterns do not return in the next launch.

Report abuse or request review

  • Report suspicious links, phishing, malware, impersonation, spam, unsafe redirects, unsafe forms, abusive public pages, privacy-invasive tracking, or illegal content through the in-product support flow or the Law Enforcement and Abuse Requests page.
  • Include the short link, QR code, public page, form URL, destination URL, screenshots, timestamps, and why you believe the content is unsafe or abusive.
  • If your own link was blocked and you believe that was a mistake, include the intended destination, business purpose, and evidence showing lawful use.

Use it well — Trust and safety best practices

  • Safety controls should be treated as part of production readiness, not as an after-the-fact exception process.
  • Link Inspector and domain discipline reduce many preventable abuse-review situations before they become customer-facing.
  • If you publish forms or install conversion tracking, make sure your privacy notices, consent flows, and data-handling practices match the audience and jurisdiction.
  • For reliability questions such as outage or availability, use Service status instead of overloading abuse workflows.
Last updated on