diff --git a/cmd/bind/cleanup.go b/cmd/bind/cleanup.go
index 71665b2..1b5ba48 100644
--- a/cmd/bind/cleanup.go
+++ b/cmd/bind/cleanup.go
@@ -38,24 +38,28 @@ func cleanBadDomains(domains []string) []string {
 	// remove allow-listed matches
 	total = len(domains)
 
-	for i, allowedItem := range config.Config.AllowLists {
-		log.Printf("[DEBUG] Processing %d of %d\n", i+1, len(config.Config.AllowLists))
+	// filter out bad regex
+	goodAllowedItemList := []string{}
+	for _, allowedItem := range config.Config.AllowLists {
+		_, err := regexp.Compile(allowedItem)
+		if err != nil {
+			log.Printf("[ERROR] Allow list item (%s) is not valid regex: %v\n", allowedItem, err)
+			break
+		}
+		goodAllowedItemList = append(goodAllowedItemList, allowedItem)
+	}
 
-		list = []string{}
-		for _, v := range domains {
-			r, err := regexp.Compile(allowedItem)
-			if err != nil {
-				log.Printf("[ERROR] Allow list item (%s) is not valid regex: %v\n", allowedItem, err)
-				break
-			}
-			if r.MatchString(v) {
+	list = []string{}
+	for _, v := range domains {
+		for _, allowedItem := range goodAllowedItemList {
+			if regexp.MustCompile(allowedItem).MatchString(v) {
 				log.Printf("[DEBUG] Removing allowed matching item: %s\n", v)
 			} else {
 				list = append(list, v)
 			}
 		}
-		domains = list
 	}
+	domains = list
 	log.Printf("[INFO] Allowed hosts removed: %d\n", total-len(domains))
 
 	log.Printf("[INFO] Total domains in list at end: %d.\n", len(domains))
diff --git a/config/config.yaml b/config/config.yaml
index 08fcafc..ba00df8 100644
--- a/config/config.yaml
+++ b/config/config.yaml
@@ -38,25 +38,25 @@ allowList:
 - ^ip6-allnodes$
 - ^ip6-allrouters$
 - ^ip6-allhosts$
-- (^|\.)thepiratebay\.org
-- (^|\.)sendgrid\.net
-- (^|\.)googleadservices\.com
-- (^|\.)doubleclick\.net
-- (^|\.)sailthru\.com
-- (^|\.)magiskmanager\.com
-- (^|\.)apiservices\.krxd\.net
-- (^|\.)logfiles\.zoom\.us
-- (^|\.)logfiles-va\.zoom\.us
-- (^|\.)nest\.com
-- (^|\.)clients.\.google\.com
-- (^|\.)login\.live\.com
-- (^|\.)unagi\.amazon\.com
-- (^|\.)unagi-na\.amazon\.com
-- (^|\.)duckduckgo\.com
-- (^|\.)msn\.com
-- (^|\.)nexusrules\.officeapps\.live\.com
-- (^|\.)playfabapi\.com
-- (^|\.)vercel-dns\.com
+- (^|\.)thepiratebay\.org$
+- (^|\.)sendgrid\.net$
+- (^|\.)googleadservices\.com$
+- (^|\.)doubleclick\.net$
+- (^|\.)sailthru\.com$
+- (^|\.)magiskmanager\.com$
+- (^|\.)apiservices\.krxd\.net$
+- (^|\.)logfiles\.zoom\.us$
+- (^|\.)logfiles-va\.zoom\.us$
+- (^|\.)nest\.com$
+- (^|\.)clients.\.google\.com$
+- (^|\.)login\.live\.com$
+- (^|\.)unagi\.amazon\.com$
+- (^|\.)unagi-na\.amazon\.com$
+- (^|\.)duckduckgo\.com$
+- (^|\.)msn\.com$
+- (^|\.)nexusrules\.officeapps\.live\.com$
+- (^|\.)playfabapi\.com$
+- (^|\.)vercel-dns\.com$
 denyList:
 - jindlecleanings.xyz
 - "*.jindlecleanings.xyz"
\ No newline at end of file