How to Connect to Trusted Mobile Hosts with URL Whitelisting

Last updated September 4, 2022 by Appdome

URL Whitelisting ensures that a mobile app connects only to the server URLs which you intended it to connect. This measure protects apps from attacks such as XcodeGhost, which can insert malware and adware into the app, thereby potentially making the app send user data to undesired locations.

This Knowledge Base article provides step by step instructions on how to build URL Whitelisting into any mobile app in minutes, thus only enabling connection to Trusted Mobile Hosts.

What is URL Whitelisting? 

URL Whitelisting in mobile apps includes a list of approved, trusted websites that the app is permitted to communicate with. All other URLs are blocked. URL Whitelisting provides a method to identify sites that an app can access.  The goal of whitelisting is to provide a safe space for users accessing services via an app.

Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps by using URL Whitelisting.  When an Appdome user clicks Build My App, Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.

3 Easy Steps Add URL Whitelisting to Android & iOS Apps

Follow these 3 Easy Steps to add URL Whitelisting to Any iOS or Android App:

  1. Upload a mobile app to Appdome (.apk, .ipa, .aab)
  2. Go to the Build tab, Select Security, Expand Secure Communication, turn on URL Whitelisting.
    • Click + Add and add the hostname you want to whitelist
    • You can edit the App Compromise Notification (Optional)
    • You can use Threat Events to handle compromises internally in the app (Optional)
  3. Click Build My App.

URL Whitelisting


Congratulations! You now have a mobile app fully integrated with URL Whitelisting.

Build My App Success

Prerequisites for URL Whitelisting

Here’s what you need to build secured apps with URL Whitelisting

No Coding Dependency

Using Appdome, there are no development or coding prerequisites to build secured apps with URL Whitelisting. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds the relevant standards, frameworks, and logic to the app automatically, with no manual development work at all.

How to Sign & Publish Secured Mobile Apps Built on Appdome  

After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include 

Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome. 

How To Learn More?

For more information on URL whitelisting and some of the attacks, it can thwart such as Phishing, check our blog. 

Or request a demo at any time.

To zoom out on this topic, visit  Appdome for Mobile App Security on our website.

Check out the full menu of features in the Appdome Mobile Security Suite

If you have any questions, please send them our way at or via the chat window on the Appdome platform.

Or request a demo at any time.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.


let's solve it together

OhadMaking your security project a success!
By filling out this form, you opt-in to recieve emails from us.