diff --git a/server/models/User.test.ts b/server/models/User.test.ts
index fc82c772e..5e0c378ad 100644
--- a/server/models/User.test.ts
+++ b/server/models/User.test.ts
@@ -13,6 +13,28 @@ afterAll(() => {
 });
 describe("user model", () => {
+ describe("create", () => {
+ it("should not allow URLs in name", async () => {
+ await expect(
+ buildUser({
+ name: "www.google.com",
+ })
+ ).rejects.toThrowError();
+
+ await expect(
+ buildUser({
+ name: "My name https://malicious.com",
+ })
+ ).rejects.toThrowError();
+
+ await expect(
+ buildUser({
+ name: "wwwww",
+ })
+ ).resolves.toBeDefined();
+ });
+ });
+
+ describe("destroy", () => {
 it("should delete user authentications", async () => {
 const user = await buildUser();
diff --git a/server/models/validators/NotContainsUrl.ts b/server/models/validators/NotContainsUrl.ts
index 63b9aad36..fffbd0a8d 100644
--- a/server/models/validators/NotContainsUrl.ts
+++ b/server/models/validators/NotContainsUrl.ts
@@ -8,7 +8,7 @@ export default function NotContainsUrl(target: any, propertyName: string) {
 return addAttributeOptions(target, propertyName, {
 validate: {
 not: {
- args: /(www|file:|http:|https:)+[^\s]+[\w]/,
+ args: /(www\.|file:|http:|https:)[^\s]+[\w]/,
 msg: "Must not contain a URL",
 },
 },
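Review bot: The two rejection cases in the new "should not allow URLs in name" test use a bare `.rejects.toThrowError()`, so they pass on any failure inside `buildUser` (a factory or database error, for instance), not only when the URL validator fires. Pinning the message, e.g. `).rejects.toThrowError("Must not contain a URL");`, would tie them to the check in NotContainsUrl.ts; this assumes the validation error surfaces the validator's `msg`, which is not visible in this diff. The cases exercise only the `www.` and `https:` alternatives, so the `http:` and `file:` branches of the pattern are left without a test. Splitting the three expectations into separate `it` blocks would also keep one failure from hiding the others.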
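Review bot: The rewritten pattern on the `args:` line is still case-sensitive because the literal carries no `i` flag, so a name whose scheme or `www.` prefix is written in upper or mixed case would presumably get past the `not` validator. Schemes and host names are case-insensitive, so the check should be too: `args: /(www\.|file:|http:|https:)\S+\w/i,` (here `\S` and `\w` are equivalent to the bracketed forms and only read more easily). A mixed-case case in User.test.ts would pin this. The filter is a denylist of four prefixes, so a short comment above the validator saying that it is best-effort and that wherever the name is rendered must still escape it would help the next maintainer. The body of NotContainsUrl starts above and ends below this hunk.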