This article describes the available options for using custom hostnames or domains in simulation campaigns, as well as the technical requirements, associated costs, and necessary configurations both inside and outside the platform.
Using hostnames with domains provided by the platform
If you want to use a hostname (subdomain) along with the domains already available on the platform (for example: securewebdomains.com, pass-login.com, protected-request.com), you can configure it directly without the intervention of the SMARTFENSE team.
This configuration is done from:
Settings > Organization > Hostnames
Once configured, the URLs used in simulation campaigns will have the following format:
hostname.securewebdomains.com
hostname.pass-login.com
hostname.protected-request.com
Where hostname corresponds to the subdomain defined by the client.
Using your own domain
If you want to use your own domain, for example mydomain.com, this functionality involves an additional cost. This is because it is necessary to:
acquire a special SSL certificate of the wildcard type
install this certificate on the infrastructure used by SMARTFENSE
In this scenario, the campaign URLs can be:
hostname.mydomain.com
or other subdomains you want to use under that domain
Limitations in URL customization
In Phishing and Ransomware simulations, it is only possible to customize:
the domain
and the hostname
The part of the URL to the right of the root domain cannot be modified.
Intervention of the SMARTFENSE team
Implementing a custom domain requires the intervention of the SMARTFENSE team to:
install the SSL certificate
configure the infrastructure
validate the correct functioning of the domain on the platform
Options for domain acquisition
If the client does not have a domain
The client can request that the SMARTFENSE team acquire the domain on their behalf. To do this, they must:
Indicate the desired domain name or a list of alternatives.
Wait for availability validation and the corresponding cost.
The price of the domain will depend on the name and the selected extension, so the cost may vary.
If the client already has a domain
In this case, SMARTFENSE will provide the configurations that must be applied to the domain's DNS so that traffic is correctly redirected to the platform.
These configurations must be implemented by the domain administrator or the client's IT team.
Recommendation on the use of domains in simulations
It is recommended to review the article The gold Phishing simulation, which explains that it is not necessary for all scenarios or URLs to be completely identical to the real ones for a simulation to be effective.
💡 Best practices
First evaluate if using a hostname on the domains provided by the platform meets your needs, as this option does not require additional costs or technical intervention.
If you decide to use your own domain, prepare the DNS configuration and SSL certificate management in advance to reduce implementation times.
Consider registering more than one domain or subdomain to be able to rotate them between campaigns and reduce the likelihood of blocks or blacklists.
Internally validate the organization's policies before using corporate domains in simulations, especially in environments with strict security controls.