diff --git a/docker-compose.yml b/docker-compose.yml
index 64d9ab1..ea9e584 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -15,6 +15,7 @@ services:
 - DB_USER=nysoure
 - DB_PASSWORD=nysoure_password
 - DB_NAME=nysoure
+- BANNED_REDIRECT_DOMAINS=example.com,example.org
 restart: unless-stopped
 db:
diff --git a/server/service/file.go b/server/service/file.go
index fa07e2b..bbf36ff 100644
--- a/server/service/file.go
+++ b/server/service/file.go
@@ -5,8 +5,10 @@ import (
 "context"
 "crypto/md5"
 "encoding/hex"
+"fmt"
 "io"
 "net/http"
+"net/url"
 "nysoure/server/config"
 "nysoure/server/dao"
 "nysoure/server/model"
@@ -15,6 +17,7 @@ import (
 "os"
 "path/filepath"
 "strconv"
+"strings"
 "sync/atomic"
 "time"
 
@@ -28,6 +31,8 @@ const (
 MinUnrequireVerifyFileSize = 10 * 1024 * 1024 // 10MB
 )
 
+var bannedRedirectDomains []string
+
 func getUploadingSize() int64 {
 return dao.GetStatistic("uploading_size")
 }
@@ -46,6 +51,10 @@ func getTempDir() (string, error) {
 }
 
 func init() {
+domains := os.Getenv("BANNED_REDIRECT_DOMAINS")
+if domains != "" {
+bannedRedirectDomains = strings.Split(domains, ",")
+}
 go func() {
 // Wait for 1 minute to ensure the database is ready
 time.Sleep(time.Minute)
@@ -301,6 +310,16 @@ func CancelUploadingFile(uid uint, fid uint) error {
 }
 
 func CreateRedirectFile(uid uint, filename string, description string, resourceID uint, redirectUrl string) (*model.FileView, error) {
+u, err := url.Parse(redirectUrl)
+if err != nil {
+return nil, model.NewRequestError("URL is not valid")
+}
+for _, domain := range bannedRedirectDomains {
+if u.Host == domain {
+return nil, model.NewRequestError(fmt.Sprintf("Domain '%s' is not allowed", domain))
+}
+}
+
 canUpload, err := checkUserCanUpload(uid)
 if err != nil {
 log.Error("failed to check user permission: ", err)
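Review bot: The `strings.Split(domains, ",")` in init stores each entry exactly as written, so a value such as `example.com, example.org` produces the entry ` example.org` (leading space) that the exact comparison in CreateRedirectFile never matches, and a trailing comma produces an empty entry. Entries are also kept in whatever case the operator typed, which the later `u.Host == domain` check is sensitive to. Normalize each entry at load time (trim, lowercase, drop empties); `strings.Split("", ",")` yields a single empty string, so the `domains != ""` guard becomes unnecessary once empties are skipped. The body of init continues outside the hunk.
```go
func init() {
	for _, d := range strings.Split(os.Getenv("BANNED_REDIRECT_DOMAINS"), ",") {
		// Trim and lowercase so operator formatting cannot silently disable an entry.
		if d = strings.ToLower(strings.TrimSpace(d)); d != "" {
			bannedRedirectDomains = append(bannedRedirectDomains, d)
		}
	}
	// … unchanged: goroutine that waits for the database …
```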
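Review bot: The new denylist check in CreateRedirectFile compares `u.Host` literally, so a banned `example.com` is not matched by `example.com:443` (Host keeps the port), `Example.com` (case-sensitive), `www.example.com` (subdomain), or a scheme-less input like `example.com/x`, which url.Parse accepts with an empty Host and a path — and since url.Parse rejects very little, the `"URL is not valid"` branch almost never fires. Compare the lowercased `u.Hostname()` (port stripped) against each entry and its subdomains, and reject URLs without an http/https scheme or a host; if other schemes are intentionally allowed here, at least require a non-empty host so the list cannot be sidestepped by omitting the scheme. The function continues past the end of the hunk.
```go
func CreateRedirectFile(uid uint, filename string, description string, resourceID uint, redirectUrl string) (*model.FileView, error) {
	u, err := url.Parse(redirectUrl)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") || u.Hostname() == "" {
		return nil, model.NewRequestError("URL is not valid")
	}
	// Hostname() drops any port; lowercase so the comparison is case-insensitive.
	host := strings.ToLower(u.Hostname())
	for _, domain := range bannedRedirectDomains {
		d := strings.ToLower(strings.TrimSpace(domain))
		// Reject the banned domain itself and every subdomain of it.
		if d != "" && (host == d || strings.HasSuffix(host, "."+d)) {
			return nil, model.NewRequestError(fmt.Sprintf("Domain '%s' is not allowed", domain))
		}
	}
	// … unchanged: checkUserCanUpload and the rest of the function …
```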