2
2 Comments

I audited 7 link shorteners before building mine — here's what nobody does, and I have zero users yet

I've been building Truthylink (https://truthylink.com) solo for about two and a half months. Before writing a single feature, I went and actually used Bitly, Short.io, Rebrandly, Cuttly, BL.INK, T2M, and Dub.co to see what a "good enough" link shortener even looks like — and found five gaps that showed up across all of them:

  1. No safety signal on the link itself — so every link on Truthylink gets scanned against Google Safe Browsing on creation and on every URL edit, with a warning interstitial if something's flagged.

  2. No one tells you when your destination breaks — so there's a daily job pinging every active link; you get notified on a 404, an expired SSL cert, or a load-time spike instead of finding out from a customer. (BL.INK has a version of this, but it's enterprise-gated.)

  3. "Bot filtering" stops at user-agent checks — so I added VPN/proxy detection and click-farm/repeat-clicker patterns, and show a real "clean click rate" instead of one trust-me number.

  4. Everyone tracks with cookies or a JS pixel — analytics here is server-side only, no cookies, no fingerprinting. Feels like the right side of GDPR/DPDP history to be on.

  5. Dark social is invisible everywhere — WhatsApp/Telegram/iMessage/Slack shares show up as "direct" in literally every tool I tried. ~70% of sharing happens there. Truthylink classifies it instead of dumping it in one bucket.

All five are free on every plan — I didn't want the interesting stuff to be the upsell.

Where I'm at: this is genuinely early. A handful of users, no real distribution yet — I wanted to get this in front of people who actually run link shorteners day-to-day before I do anything louder. If you've used Bitly/Short.io/Dub.co and there's an analytics blind spot that's actually cost you something, I'd rather hear about it now.

on July 2, 2026
  1. 1

    What stood out to me isn't any single feature—it’s the shift from “shortening links” to “trusting links after they’re shared.” Most tools optimize creation. You're optimizing what happens after distribution, when the link is already outside your control. That’s a much harder problem space, but also a more defensible one if you get the feedback loop right between safety signals, breakdown detection, and real-world click quality.

    1. 1

      Thanks, that's a really good way to put it — better than how I've been describing it myself.

      You're right that "after it's shared" part is the hard bit. Right now I show three separate things — is the link safe, is the destination still working, and how clean the clicks are — but they're just sitting next to each other, not combined into one score. I haven't merged them because I'm not sure that's even the right move. Someone sharing a link in a WhatsApp group probably cares most about safety. Someone running ads probably cares most about click quality. If I squash it into one number, I might hide the thing they actually care about.

      So honestly, I don't have that part solved yet. Have you seen this kind of problem before — combining a few different signals into one score vs just showing them separately? Curious how you'd think about it.

Trending on Indie Hackers
I sold $6,773 in 2 weeks, with almost no existing community. User Avatar 52 comments Ferguson is LIVE on ProductHunt today... so I audited their homepage first! User Avatar 37 comments Why Remote Teams Stop Talking (And Don't Even Notice It) User Avatar 33 comments The hardest part isn't building anymore User Avatar 32 comments Built a local-first Amazon profit-by-SKU + QuickBooks/Xero journal tool. Looking for founding users. User Avatar 27 comments Before you build another feature, use this workflow User Avatar 20 comments