Domain masking

Domain masking or URL masking is the act of hiding the actual domain name of a website from the URL field of a user's web browser in favor of another name.^[1] There are many ways to do this, including the following examples.

1. HTML inline frame or frameset so a frame embedded in the main website actually points to some other site.
2. Internal server rewrites or aliases where web server infrastructure (such as Apache's mod_rewrite or NGINX rewrite directives) processes the URL masking entirely within a single request lifecycle. Unlike HTTP redirection, which issues a 3xx status code and forces the browser to execute a separate, secondary HTTP request, an internal rewrite maps the public-facing, masked URL directly to a hidden internal file path or a tracking proxy. Because this process happens strictly on the server side, the browser's address bar remains unchanged, successfully executing the URL mask. While this method is commonly used to protect internal URL architectures or obscure complex affiliate tracking links without performance overhead, legitimate domain masking must serve identical content to human users and search engine crawlers to avoid being penalized for "cloaking".^[2]

Once the URL is masked it displays the URL mask rather than the original URL/domain name.^[3] Masking does not affect the content of the actual website; it only covers up the original URL/domain name. Domain masking prevents users from being able to see the actual domain website, whether it be due to length or privacy/security issues.

See also

• Website spoofing
• URL shortening
• URL redirection

References

1. Hutchison, Tom (2008). Web Marketing for the Music Business. CRC Press. ISBN 9780240810447. LCCN 2008020851.
2. AdPresso (2026-05-15). "Server-Side Link Masking for Apache and NGINX Servers". AdPresso. Retrieved 2026-05-18.
3. "URL Masking". www.willmaster.com. Retrieved 2026-05-18.