What you can publish

Every customer site is published on a subdomain of the same domain. Browsers judge safety at the domain level, so a single page that looks like a phishing page can put a red warning in front of every customer's visitors — not just yours. Forms that ask for the things below are exactly what browsers look for.

Forms must never ask for

A form asking for any of these is refused when you publish, whatever the field is called and whatever the rest of the page says.

Identity documents need approval

Regulated identity documents are refused on your free subdomain, because that domain's safety reputation is shared with every other customer. If your business genuinely needs them — an insurance broker quoting a policy, for example — connect your own custom domain and ask us to approve the site. Most businesses should collect these after the enquiry, not on a public form.

Good forms

Your site must never

What is fine

If your site is refused

We check every page when you publish it. If we get it wrong — it is your own business, and nothing on the page collects the things above — email [email protected] and a human will look at it. To report a site published through us that breaks these rules, see Report abuse.


The Sites is a product of NovaDyne Sdn Bhd, Petaling Jaya, Selangor, Malaysia. Questions: [email protected] · Terms · Privacy · Refunds · Report abuse