CRMAIBOT
CRMAIBOT domain locking

Domain Locking for Website Chatbots

Protect your CRMAIBOT widget by allowing it to run only on approved domains. Prevent copied chatbot scripts from being used on unauthorized websites.

Learn chatbot domain locking, website chatbot security, chatbot widget protection, AI chatbot domain protection, and how to restrict chatbot to domain settings.

Start Free View Security Features
Approved DomainsWidget ProtectionUnauthorized Use PreventionBusiness ControlSafer Deployment

What Is Domain Locking?

Domain locking is a security feature that restricts a chatbot widget to specific approved website domains. Even if someone copies the chatbot script, the widget should not work on websites that are not added to the allowed domain list.

prevent unauthorized widget usage
protect business chatbot training data
control where the chatbot appears
reduce misuse of chatbot credits
improve customer trust
secure multi-website deployment
Security value

Why Domain Locking Matters

Domain locking gives businesses better control over where public chatbot widgets can run.

Prevent Script Copying

If a widget script is copied from your website, domain locking helps stop it from running on another website.

Protect Chatbot Usage

Restrict chatbot access to verified domains so your chat limits, usage, and credits are not consumed by unauthorized websites.

Brand Safety

Make sure your chatbot appears only on websites connected to your business or approved client domains.

Better Customer Trust

Visitors should interact with your chatbot only on your official website or approved domains.

Multi-Domain Control

Agencies and businesses managing multiple websites can control which chatbot is allowed on which domain.

Safer Public Widget Deployment

Website chatbot scripts are visible in browser code. Domain locking adds an important protection layer.

How it works

How CRMAIBOT Domain Locking Works

A simple approved-domain check helps decide whether the chatbot widget should initialize.

01

Create your chatbot

02

Add your approved domain

03

Install the chatbot widget script

04

CRMAIBOT checks the website domain when the widget loads

05

If the domain is approved, the chatbot works

06

If the domain is not approved, the chatbot is blocked or hidden

Approved domaincrmaibot.com
Allowedhttps://crmaibot.com
https://www.crmaibot.com
Blockedhttps://unauthorized-site.com
Setup guide

How to Add an Approved Domain

Add both www and non-www versions if your website uses both: example.com and www.example.com.

01

Open Chatbot Settings

02

Go to Domain Locking or Security Settings

03

Add your website domain

04

Choose whether to allow www and non-www versions

05

Save settings

06

Test the chatbot on your live website

Examples

Supported Domain Examples

Use hostnames that match the websites where your chatbot should appear. Remove staging domains before production if they are no longer needed.

Main Website

example.com

WWW Domain

www.example.com

Subdomain

support.example.com

Landing Page Domain

offers.example.com

Client Website

clientbusiness.com

Staging Domain

staging.example.com

Best practices

Domain Locking Best Practices

Use domain locking carefully so valid websites work and unknown websites stay blocked.

Add only official domains

Include www and non-www versions

Remove old staging domains

Use separate chatbots for different client websites

Check domain settings before launch

Monitor chatbot usage

Avoid sharing widget scripts publicly

Do not add unknown domains

Review approved domains monthly

Use domain locking with API key protection

Avoid these

Common Domain Locking Mistakes

Most setup issues come from missing www versions, forgotten subdomains, or old test domains.

Adding only www but not root domain

Adding root domain but not www

Forgetting subdomains

Using http instead of domain-only format if system expects hostname

Leaving test domains enabled

Sharing chatbot widget code with unauthorized users

Using one chatbot across many unrelated websites

Not testing after DNS changes

Not checking mobile website version

Not reviewing usage reports

Troubleshooting

Troubleshooting Domain Locking Issues

Use these checks when the chatbot does not appear, appears on the wrong domain, or stops after a domain change.

Chatbot is not showing on my website

Possible causes include domain not added, www version missing, wrong chatbot ID, cache issue, script installed incorrectly, or domain settings not saved.

Chatbot works on one version but not another

You may have added example.com but not www.example.com, or the website redirects differently.

Chatbot worked before but stopped

Possible causes include domain changes, DNS changes, staging/live domain mismatch, widget script changes, or updated security settings.

Chatbot appears on an unauthorized website

Remove unknown domains, regenerate the widget key if supported, and review domain settings.

Developer Notes

When the chatbot widget loads, the system should check the browser hostname against the chatbot approved domain list. If the hostname is not approved, the widget should not initialize. Do not store full URLs unless required. Prefer hostnames.

example.com
www.example.com
support.example.com
store allowed domains per chatbot
validate hostname server-side where possible
do not rely only on frontend checks
normalize domains before matching
support root domains and www versions
log blocked domain attempts if possible
avoid exposing secret keys in frontend code
Related resources

Continue Learning

Explore related CRMAIBOT help pages for lead capture, knowledge base setup, integrations, and rollout planning.

Lead Capture Setup

Configure lead forms, qualification, and alerts.

Open page

Knowledge Base Setup

Train your bot with approved business data.

Open page

API Docs

Review integration and webhook guidance.

Open page

Learning Guide

Learn how chatbot training works.

Open page

AI Bot

Explore CRMAIBOT AI Bot features.

Open page

Resources

Return to the resource hub.

Open page

Pricing

Choose a package for your rollout.

Open page
FAQ

Domain Locking FAQs

Answers about approved domains, www versions, subdomains, copied scripts, and chatbot widget protection.

What is domain locking?

Domain locking restricts a chatbot widget to approved website domains so it cannot be used on unauthorized websites.

Why do I need domain locking?

Domain locking helps prevent copied chatbot scripts from being used elsewhere and protects your chatbot usage, brand, and customer experience.

Should I add both www and non-www domains?

Yes. If your website works on both versions, add both example.com and www.example.com.

Can I use one chatbot on multiple domains?

This depends on the selected plan and domain settings. If allowed, add each approved domain in the chatbot settings.

Can I lock a chatbot to a subdomain?

Yes. Subdomains such as support.example.com or app.example.com can be added if supported.

What happens if someone copies my chatbot script?

If domain locking is enabled, the chatbot should not load on domains that are not approved.

Can domain locking stop all misuse?

Domain locking is an important protection layer, but it should be combined with secure API keys, server-side validation, and usage monitoring.

Why is my chatbot not showing after enabling domain locking?

Check whether the correct domain, www version, subdomain, and chatbot ID are added. Also clear cache and verify the widget script.

Protect Your Website Chatbot with Domain Locking

Allow CRMAIBOT to run only on approved websites and keep your chatbot deployment safer, cleaner, and better controlled.

Start Free View AI Bot Features