diff --git a/.github/changelog/2590-from-description b/.github/changelog/2590-from-description
new file mode 100644
index 0000000000..33ee27ffaa
--- /dev/null
+++ b/.github/changelog/2590-from-description
@@ -0,0 +1,4 @@
+Significance: minor
+Type: added
+
+Add blocklist subscriptions for automatic weekly synchronization of remote blocklists.
diff --git a/assets/js/activitypub-moderation-admin.js b/assets/js/activitypub-moderation-admin.js
index 207d41c16a..204253dbf8 100644
--- a/assets/js/activitypub-moderation-admin.js
+++ b/assets/js/activitypub-moderation-admin.js
@@ -196,6 +196,9 @@
 
 		// Site moderation management.
 		initSiteModeration();
+
+		// Blocklist subscriptions management.
+		initBlocklistSubscriptions();
 	}
 
 	/**
@@ -345,6 +348,92 @@
 		});
 	}
 
+	/**
+	 * Initialize blocklist subscriptions management
+	 */
+	function initBlocklistSubscriptions() {
+		// Function to add a blocklist subscription.
+		function addBlocklistSubscription( url ) {
+			if ( ! url ) {
+				var message = activitypubModerationL10n.enterUrl || 'Please enter a URL.';
+				if ( wp.a11y && wp.a11y.speak ) {
+					wp.a11y.speak( message, 'assertive' );
+				}
+				alert( message );
+				return;
+			}
+
+			// Disable the button while processing.
+			var button = $( '.add-blocklist-subscription-btn' );
+			button.prop( 'disabled', true );
+
+			wp.ajax.post( 'activitypub_blocklist_subscription', {
+				operation: 'add',
+				url: url,
+				_wpnonce: activitypubModerationL10n.nonce
+			}).done( function() {
+				// Reload the page to show the updated list.
+				window.location.reload();
+			}).fail( function( response ) {
+				var message = response && response.message ? response.message : activitypubModerationL10n.subscriptionFailed || 'Failed to add subscription.';
+				if ( wp.a11y && wp.a11y.speak ) {
+					wp.a11y.speak( message, 'assertive' );
+				}
+				alert( message );
+				button.prop( 'disabled', false );
+			});
+		}
+
+		// Function to remove a blocklist subscription.
+		function removeBlocklistSubscription( url ) {
+			wp.ajax.post( 'activitypub_blocklist_subscription', {
+				operation: 'remove',
+				url: url,
+				_wpnonce: activitypubModerationL10n.nonce
+			}).done( function() {
+				// Remove the row from the UI.
+				$( '.remove-blocklist-subscription-btn' ).filter( function() {
+					return $( this ).data( 'url' ) === url;
+				}).closest( 'tr' ).remove();
+
+				// If no more subscriptions, remove the table.
+				var table = $( '.activitypub-blocklist-subscriptions table' );
+				if ( table.find( 'tbody tr' ).length === 0 ) {
+					table.remove();
+				}
+			}).fail( function( response ) {
+				var message = response && response.message ? response.message : activitypubModerationL10n.removeSubscriptionFailed || 'Failed to remove subscription.';
+				if ( wp.a11y && wp.a11y.speak ) {
+					wp.a11y.speak( message, 'assertive' );
+				}
+				alert( message );
+			});
+		}
+
+		// Add subscription functionality (button click).
+		$( document ).on( 'click', '.add-blocklist-subscription-btn', function( e ) {
+			e.preventDefault();
+			var url = $( this ).data( 'url' ) || $( '#new_blocklist_subscription_url' ).val().trim();
+			addBlocklistSubscription( url );
+		});
+
+		// Add subscription functionality (Enter key).
+		$( document ).on( 'keypress', '#new_blocklist_subscription_url', function( e ) {
+			if ( e.which === 13 ) { // Enter key.
+				e.preventDefault();
+				var url = $( this ).val().trim();
+				addBlocklistSubscription( url );
+			}
+		});
+
+		// Remove subscription functionality.
+		$( document ).on( 'click', '.remove-blocklist-subscription-btn', function( e ) {
+			e.preventDefault();
+			var url = $( this ).data( 'url' );
+			removeBlocklistSubscription( url );
+		});
+	}
+
 	// Initialize when document is ready.
 	$( document ).ready( init );
 
diff --git a/includes/class-blocklist-subscriptions.php b/includes/class-blocklist-subscriptions.php
new file mode 100644
index 0000000000..faf342f551
--- /dev/null
+++ b/includes/class-blocklist-subscriptions.php
@@ -0,0 +1,222 @@
+<?php
+/**
+ * Blocklist Subscriptions class file.
+ *
+ * @package Activitypub
+ */
+
+namespace Activitypub;
+
+/**
+ * Blocklist Subscriptions class.
+ *
+ * Manages subscriptions to remote blocklists for automatic updates.
+ * Owns all remote blocklist logic: fetching, parsing, and importing.
+ */
+class Blocklist_Subscriptions {
+
+	/**
+	 * Option key for storing subscriptions.
+	 */
+	const OPTION_KEY = 'activitypub_blocklist_subscriptions';
+
+	/**
+	 * IFTAS DNI list URL.
+	 */
+	const IFTAS_DNI_URL = 'https://about.iftas.org/wp-content/uploads/2025/10/iftas-dni-latest.csv';
+
+	/**
+	 * Get all subscriptions.
+	 *
+	 * @return array Array of URL => timestamp pairs.
+	 */
+	public static function get_all() {
+		return \get_option( self::OPTION_KEY, array() );
+	}
+
+	/**
+	 * Add a subscription.
+	 *
+	 * Only adds the URL to the subscription list. Does not sync.
+	 * Call sync() separately to fetch and import domains.
+	 *
+	 * @param string $url The blocklist URL to subscribe to.
+	 * @return bool True on success, false on failure.
+	 */
+	public static function add( $url ) {
+		$url = \sanitize_url( $url );
+
+		if ( empty( $url ) || ! \filter_var( $url, FILTER_VALIDATE_URL ) ) {
+			return false;
+		}
+
+		$subscriptions = self::get_all();
+
+		// Not already subscribed.
+		if ( ! isset( $subscriptions[ $url ] ) ) {
+			// Add subscription with timestamp 0 (never synced).
+			$subscriptions[ $url ] = 0;
+			\update_option( self::OPTION_KEY, $subscriptions );
+		}
+
+		return true;
+	}
+
+	/**
+	 * Remove a subscription.
+	 *
+	 * @param string $url The blocklist URL to unsubscribe from.
+	 * @return bool True on success, false if not found.
+	 */
+	public static function remove( $url ) {
+		$subscriptions = self::get_all();
+
+		if ( ! isset( $subscriptions[ $url ] ) ) {
+			return false;
+		}
+
+		unset( $subscriptions[ $url ] );
+		\update_option( self::OPTION_KEY, $subscriptions );
+
+		return true;
+	}
+
+	/**
+	 * Sync a single subscription.
+	 *
+	 * Fetches the blocklist URL, parses domains, and adds new ones to the blocklist.
+	 * Updates the subscription timestamp on success.
+	 *
+	 * @param string $url The blocklist URL to sync.
+	 * @return int|false Number of domains added, or false on failure.
+	 */
+	public static function sync( $url ) {
+		$response = \wp_safe_remote_get(
+			$url,
+			array(
+				'timeout'     => 30,
+				'redirection' => 5,
+			)
+		);
+
+		if ( \is_wp_error( $response ) ) {
+			return false;
+		}
+
+		$response_code = \wp_remote_retrieve_response_code( $response );
+		if ( 200 !== $response_code ) {
+			return false;
+		}
+
+		$body = \wp_remote_retrieve_body( $response );
+		if ( empty( $body ) ) {
+			return false;
+		}
+
+		$domains = self::parse_csv_string( $body );
+
+		if ( empty( $domains ) ) {
+			return false;
+		}
+
+		// Get existing blocks and find new ones.
+		$existing    = Moderation::get_site_blocks()[ Moderation::TYPE_DOMAIN ] ?? array();
+		$new_domains = \array_diff( $domains, $existing );
+
+		if ( ! empty( $new_domains ) ) {
+			Moderation::add_site_blocks( Moderation::TYPE_DOMAIN, $new_domains );
+		}
+
+		// Update timestamp if this is a subscription.
+		$subscriptions = self::get_all();
+		if ( isset( $subscriptions[ $url ] ) ) {
+			$subscriptions[ $url ] = \time();
+			\update_option( self::OPTION_KEY, $subscriptions );
+		}
+
+		return \count( $new_domains );
+	}
+
+	/**
+	 * Sync all subscriptions.
+	 *
+	 * Called by cron job.
+	 */
+	public static function sync_all() {
+		\array_map( array( __CLASS__, 'sync' ), \array_keys( self::get_all() ) );
+	}
+
+	/**
+	 * Parse CSV content from a string and extract domain names.
+	 *
+	 * Supports Mastodon CSV format (with #domain header) and simple
+	 * one-domain-per-line format.
+	 *
+	 * @param string $content CSV content as a string.
+	 * @return array Array of unique, valid domain names.
+	 */
+	public static function parse_csv_string( $content ) {
+		$domains = array();
+
+		if ( empty( $content ) ) {
+			return $domains;
+		}
+
+		// Split into lines.
+		$lines = \preg_split( '/\r\n|\r|\n/', $content );
+		if ( empty( $lines ) ) {
+			return $domains;
+		}
+
+		// Parse first line to detect format.
+		$first_line = \str_getcsv( $lines[0] );
+		$first_cell = \trim( $first_line[0] ?? '' );
+		$has_header = \str_starts_with( $first_cell, '#' ) || 'domain' === \strtolower( $first_cell );
+
+		// Find domain column index.
+		$domain_index = 0;
+		if ( $has_header ) {
+			foreach ( $first_line as $i => $col ) {
+				$col = \ltrim( \strtolower( \trim( $col ) ), '#' );
+				if ( 'domain' === $col ) {
+					$domain_index = $i;
+					break;
+				}
+			}
+			// Remove header from lines.
+			\array_shift( $lines );
+		}
+
+		// Process each line.
+		foreach ( $lines as $line ) {
+			$row    = \str_getcsv( $line );
+			$domain = \trim( $row[ $domain_index ] ?? '' );
+
+			// Skip empty lines and comments.
+			if ( empty( $domain ) || \str_starts_with( $domain, '#' ) ) {
+				continue;
+			}
+
+			if ( self::is_valid_domain( $domain ) ) {
+				$domains[] = \strtolower( $domain );
+			}
+		}
+
+		return \array_unique( $domains );
+	}
+
+	/**
+	 * Validate a domain name.
+	 *
+	 * @param string $domain The domain to validate.
+	 * @return bool True if valid, false otherwise.
+	 */
+	public static function is_valid_domain( $domain ) {
+		// Must contain at least one dot (filter_var would accept "localhost").
+		if ( ! \str_contains( $domain, '.' ) ) {
+			return false;
+		}
+
+		return (bool) \filter_var( $domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME );
+	}
+}
diff --git a/includes/class-scheduler.php b/includes/class-scheduler.php
index b29e0d08af..331c82849b 100644
--- a/includes/class-scheduler.php
+++ b/includes/class-scheduler.php
@@ -62,6 +62,7 @@ public static function init() {
 		\add_action( 'activitypub_outbox_purge', array( self::class, 'purge_outbox' ) );
 		\add_action( 'activitypub_inbox_purge', array( self::class, 'purge_inbox' ) );
 		\add_action( 'activitypub_inbox_create_item', array( self::class, 'process_inbox_activity' ) );
+		\add_action( 'activitypub_sync_blocklist_subscriptions', array( Blocklist_Subscriptions::class, 'sync_all' ) );
 
 		\add_action( 'post_activitypub_add_to_outbox', array( self::class, 'schedule_outbox_activity_for_federation' ) );
 		\add_action( 'post_activitypub_add_to_outbox', array( self::class, 'schedule_announce_activity' ), 10, 4 );
@@ -132,6 +133,10 @@ public static function register_schedules() {
 		if ( ! \wp_next_scheduled( 'activitypub_inbox_purge' ) ) {
 			\wp_schedule_event( time(), 'daily', 'activitypub_inbox_purge' );
 		}
+
+		if ( ! \wp_next_scheduled( 'activitypub_sync_blocklist_subscriptions' ) ) {
+			\wp_schedule_event( time(), 'weekly', 'activitypub_sync_blocklist_subscriptions' );
+		}
 	}
 
 	/**
@@ -145,6 +150,7 @@ public static function deregister_schedules() {
 		\wp_unschedule_hook( 'activitypub_reprocess_outbox' );
 		\wp_unschedule_hook( 'activitypub_outbox_purge' );
 		\wp_unschedule_hook( 'activitypub_inbox_purge' );
+		\wp_unschedule_hook( 'activitypub_sync_blocklist_subscriptions' );
 	}
 
 	/**
diff --git a/includes/wp-admin/class-admin.php b/includes/wp-admin/class-admin.php
index af99fc2032..a90408407b 100644
--- a/includes/wp-admin/class-admin.php
+++ b/includes/wp-admin/class-admin.php
@@ -7,6 +7,7 @@
 
 namespace Activitypub\WP_Admin;
 
+use Activitypub\Blocklist_Subscriptions;
 use Activitypub\Collection\Actors;
 use Activitypub\Collection\Extra_Fields;
 use Activitypub\Comment;
@@ -75,6 +76,7 @@ public static function init() {
 		\add_action( 'wp_dashboard_setup', array( self::class, 'add_dashboard_widgets' ) );
 
 		\add_action( 'wp_ajax_activitypub_moderation_settings', array( self::class, 'ajax_moderation_settings' ) );
+		\add_action( 'wp_ajax_activitypub_blocklist_subscription', array( self::class, 'ajax_blocklist_subscription' ) );
 	}
 
 	/**
@@ -1070,4 +1072,51 @@ public static function ajax_moderation_settings() {
 			\wp_send_json_error( array( 'message' => $error_message ) );
 		}
 	}
+
+	/**
+	 * AJAX handler for blocklist subscriptions (add/remove).
+	 */
+	public static function ajax_blocklist_subscription() {
+		$operation = \sanitize_text_field( \wp_unslash( $_POST['operation'] ?? '' ) );
+		$url       = \sanitize_url( \wp_unslash( $_POST['url'] ?? '' ) );
+
+		// Validate required parameters.
+		if ( ! \in_array( $operation, array( 'add', 'remove' ), true ) ) {
+			\wp_send_json_error( array( 'message' => \__( 'Invalid operation.', 'activitypub' ) ) );
+		}
+
+		if ( empty( $url ) ) {
+			\wp_send_json_error( array( 'message' => \__( 'Invalid URL.', 'activitypub' ) ) );
+		}
+
+		// Verify nonce.
+		if ( ! \wp_verify_nonce( \sanitize_text_field( \wp_unslash( $_POST['_wpnonce'] ?? '' ) ), 'activitypub_moderation_settings' ) ) {
+			\wp_send_json_error( array( 'message' => \__( 'Invalid nonce.', 'activitypub' ) ) );
+		}
+
+		if ( ! \current_user_can( 'manage_options' ) ) {
+			\wp_send_json_error( array( 'message' => \__( 'You do not have permission to perform this action.', 'activitypub' ) ) );
+		}
+
+		if ( 'add' === $operation ) {
+			// First add the subscription (validates URL format).
+			if ( ! Blocklist_Subscriptions::add( $url ) ) {
+				\wp_send_json_error( array( 'message' => \__( 'Invalid URL.', 'activitypub' ) ) );
+			}
+
+			// Then sync to validate it works and import domains.
+			$result = Blocklist_Subscriptions::sync( $url );
+			if ( false === $result ) {
+				// Remove the subscription since sync failed.
+				Blocklist_Subscriptions::remove( $url );
+				\wp_send_json_error( array( 'message' => \__( 'Failed to fetch blocklist. The URL may be unreachable or not contain valid domains.', 'activitypub' ) ) );
+			}
+
+			\wp_send_json_success();
+		} elseif ( Blocklist_Subscriptions::remove( $url ) ) {
+			\wp_send_json_success();
+		} else {
+			\wp_send_json_error( array( 'message' => \__( 'Failed to remove subscription.', 'activitypub' ) ) );
+		}
+	}
 }
diff --git a/includes/wp-admin/class-settings-fields.php b/includes/wp-admin/class-settings-fields.php
index 090a9586a1..eda17b445a 100644
--- a/includes/wp-admin/class-settings-fields.php
+++ b/includes/wp-admin/class-settings-fields.php
@@ -7,6 +7,7 @@
 
 namespace Activitypub\WP_Admin;
 
+use Activitypub\Blocklist_Subscriptions;
 use Activitypub\Moderation;
 
 use function Activitypub\home_host;
@@ -163,6 +164,14 @@ public static function register_settings_fields() {
 			'activitypub_settings',
 			'activitypub_moderation'
 		);
+
+		add_settings_field(
+			'activitypub_blocklist_subscriptions',
+			\esc_html__( 'Blocklist Subscriptions', 'activitypub' ),
+			array( self::class, 'render_blocklist_subscriptions_field' ),
+			'activitypub_settings',
+			'activitypub_moderation'
+		);
 	}
 
 	/**
@@ -535,4 +544,65 @@ public static function render_site_blocked_keywords_field() {
 		</div>
 		<?php
 	}
+
+	/**
+	 * Render blocklist subscriptions field.
+	 */
+	public static function render_blocklist_subscriptions_field() {
+		$subscriptions = Blocklist_Subscriptions::get_all();
+		?>
+		<p class="description"><?php \esc_html_e( 'Subscribe to remote blocklists that sync automatically every week.', 'activitypub' ); ?></p>
+
+		<div class="activitypub-blocklist-subscriptions">
+			<?php if ( ! empty( $subscriptions ) ) : ?>
+			<table class="widefat striped" role="presentation" style="max-width: 500px; margin: 15px 0;">
+				<thead>
+					<tr>
+						<th style="padding: 10px;"><?php \esc_html_e( 'URL', 'activitypub' ); ?></th>
+						<th style="padding: 10px;"><?php \esc_html_e( 'Last Synced', 'activitypub' ); ?></th>
+						<th style="width: 80px;"></th>
+					</tr>
+				</thead>
+				<tbody>
+				<?php foreach ( $subscriptions as $url => $timestamp ) : ?>
+					<tr>
+						<td>
+							<abbr title="<?php echo \esc_attr( $url ); ?>"><?php echo \esc_html( \wp_parse_url( $url, PHP_URL_HOST ) ); ?></abbr>
+						</td>
+						<td>
+							<?php if ( $timestamp > 0 ) : ?>
+								<?php echo \esc_html( \human_time_diff( $timestamp, \time() ) . ' ' . \__( 'ago', 'activitypub' ) ); ?>
+							<?php else : ?>
+								<em><?php \esc_html_e( 'Never', 'activitypub' ); ?></em>
+							<?php endif; ?>
+						</td>
+						<td>
+							<button type="button" class="button button-small remove-blocklist-subscription-btn" data-url="<?php echo \esc_attr( $url ); ?>">
+								<?php \esc_html_e( 'Remove', 'activitypub' ); ?>
+							</button>
+						</td>
+					</tr>
+				<?php endforeach; ?>
+				</tbody>
+			</table>
+			<?php endif; ?>
+
+			<div class="add-blocklist-subscription-form" style="display: flex; max-width: 500px; gap: 8px;">
+				<input type="url" class="regular-text" id="new_blocklist_subscription_url" placeholder="<?php \esc_attr_e( 'https://example.com/blocklist.csv', 'activitypub' ); ?>" style="flex: 1; min-width: 0;" />
+				<button type="button" class="button add-blocklist-subscription-btn" style="flex-shrink: 0; white-space: nowrap;">
+					<?php \esc_html_e( 'Subscribe', 'activitypub' ); ?>
+				</button>
+			</div>
+
+			<?php if ( ! isset( $subscriptions[ Blocklist_Subscriptions::IFTAS_DNI_URL ] ) ) : ?>
+			<p class="description" style="margin-top: 10px;">
+				<button type="button" class="button add-blocklist-subscription-btn" data-url="<?php echo \esc_attr( Blocklist_Subscriptions::IFTAS_DNI_URL ); ?>">
+					<?php \esc_html_e( 'Subscribe to IFTAS DNI List', 'activitypub' ); ?>
+				</button>
+				<?php \esc_html_e( 'A curated list of the worst actors on the fediverse.', 'activitypub' ); ?>
+			</p>
+			<?php endif; ?>
+		</div>
+		<?php
+	}
 }
diff --git a/includes/wp-admin/import/class-blocklist.php b/includes/wp-admin/import/class-blocklist.php
index 83c493846e..8b15404780 100644
--- a/includes/wp-admin/import/class-blocklist.php
+++ b/includes/wp-admin/import/class-blocklist.php
@@ -7,6 +7,7 @@
 
 namespace Activitypub\WP_Admin\Import;
 
+use Activitypub\Blocklist_Subscriptions;
 use Activitypub\Moderation;
 
 /**
@@ -16,11 +17,6 @@
  */
 class Blocklist {
 
-	/**
-	 * IFTAS DNI list URL.
-	 */
-	const IFTAS_DNI_URL = 'https://about.iftas.org/wp-content/uploads/2025/10/iftas-dni-latest.csv';
-
 	/**
 	 * Dispatch the importer based on current step.
 	 */
@@ -89,6 +85,12 @@ private static function greet() {
 					<input type="url" id="import_url" name="import_url" size="50" class="code" placeholder="https://example.com/blocklist.csv" required />
 				</label>
 			</p>
+			<p>
+				<label>
+					<input type="checkbox" name="subscribe" value="1" />
+					<?php \esc_html_e( 'Subscribe for automatic weekly updates', 'activitypub' ); ?>
+				</label>
+			</p>
 			<p class="submit">
 				<input type="submit" name="submit" id="submit" class="button" value="<?php \esc_attr_e( 'Import from URL', 'activitypub' ); ?>" />
 			</p>
@@ -98,7 +100,13 @@ private static function greet() {
 		<p><?php \esc_html_e( 'Import from a well-known blocklist:', 'activitypub' ); ?></p>
 		<form method="post" action="<?php echo \esc_url( \admin_url( 'admin.php?import=blocklist&amp;step=2' ) ); ?>">
 			<?php \wp_nonce_field( 'import-blocklist-url' ); ?>
-			<input type="hidden" name="import_url" value="<?php echo \esc_attr( self::IFTAS_DNI_URL ); ?>" />
+			<input type="hidden" name="import_url" value="<?php echo \esc_attr( Blocklist_Subscriptions::IFTAS_DNI_URL ); ?>" />
+			<p>
+				<label>
+					<input type="checkbox" name="subscribe" value="1" />
+					<?php \esc_html_e( 'Subscribe for automatic weekly updates', 'activitypub' ); ?>
+				</label>
+			</p>
 			<p>
 				<button type="submit" class="button">
 					<?php \esc_html_e( 'Import IFTAS DNI List', 'activitypub' ); ?>
@@ -187,49 +195,24 @@ private static function handle_url_import() {
 			return;
 		}
 
-		// Fetch the URL content.
-		$response = \wp_remote_get(
-			$url,
-			array(
-				'timeout'     => 30,
-				'redirection' => 5,
-			)
-		);
-
-		if ( \is_wp_error( $response ) ) {
-			\printf( '<p><strong>%s</strong><br />%s</p>', \esc_html( $error_message ), \esc_html( $response->get_error_message() ) );
-			return;
-		}
-
-		$response_code = \wp_remote_retrieve_response_code( $response );
-		if ( 200 !== $response_code ) {
-			\printf(
-				'<p><strong>%s</strong><br />%s</p>',
-				\esc_html( $error_message ),
-				/* translators: %d: HTTP response code */
-				\esc_html( \sprintf( \__( 'Failed to fetch URL. HTTP response code: %d', 'activitypub' ), $response_code ) )
-			);
-			return;
-		}
+		$result = Blocklist_Subscriptions::sync( $url );
 
-		$body = \wp_remote_retrieve_body( $response );
-		if ( empty( $body ) ) {
-			\printf( '<p><strong>%s</strong><br />%s</p>', \esc_html( $error_message ), \esc_html__( 'The URL returned empty content.', 'activitypub' ) );
+		if ( false === $result ) {
+			\printf( '<p><strong>%s</strong><br />%s</p>', \esc_html( $error_message ), \esc_html__( 'Failed to fetch or parse the blocklist URL.', 'activitypub' ) );
 			return;
 		}
 
-		$domains = self::parse_csv_string( $body );
+		// phpcs:ignore WordPress.Security.NonceVerification.Missing -- Nonce verified in dispatch().
+		$subscribe = ! empty( $_POST['subscribe'] );
 
-		if ( empty( $domains ) ) {
-			\printf( '<p><strong>%s</strong><br />%s</p>', \esc_html( $error_message ), \esc_html__( 'No valid domains found at the URL.', 'activitypub' ) );
-			return;
-		}
+		// Add subscription if requested (no need to sync again, just did it).
+		$subscribed = $subscribe && Blocklist_Subscriptions::add( $url );
 
-		self::import( $domains );
+		self::show_url_import_results( $result, $subscribed );
 	}
 
 	/**
-	 * Execute the import.
+	 * Execute the import for file uploads.
 	 *
 	 * @param array $domains Array of domains to import.
 	 */
@@ -281,16 +264,44 @@ private static function import( $domains ) {
 
 		\printf(
 			'<p><a href="%s">%s</a></p>',
-			\esc_url( \admin_url( 'options-general.php?page=activitypub&tab=settings#moderation' ) ),
+			\esc_url( \admin_url( 'options-general.php?page=activitypub&tab=settings' ) ),
 			\esc_html__( 'View blocked domains in settings', 'activitypub' )
 		);
 	}
 
 	/**
-	 * Parse a CSV file and extract domain names.
+	 * Show results for URL import.
 	 *
-	 * Supports Mastodon CSV format (with #domain header) and simple
-	 * one-domain-per-line format.
+	 * @param int  $imported   Number of domains imported.
+	 * @param bool $subscribed Whether the URL was subscribed to.
+	 */
+	private static function show_url_import_results( $imported, $subscribed ) {
+		echo '<h3>' . \esc_html__( 'Import Complete', 'activitypub' ) . '</h3>';
+
+		\printf(
+			'<p>%s</p>',
+			\esc_html(
+				\sprintf(
+					/* translators: %s: Number of domains */
+					\_n( 'Imported %s new domain.', 'Imported %s new domains.', $imported, 'activitypub' ),
+					\number_format_i18n( $imported )
+				)
+			)
+		);
+
+		if ( $subscribed ) {
+			echo '<p>' . \esc_html__( 'Subscribed for automatic weekly updates.', 'activitypub' ) . '</p>';
+		}
+
+		\printf(
+			'<p><a href="%s">%s</a></p>',
+			\esc_url( \admin_url( 'options-general.php?page=activitypub&tab=settings' ) ),
+			\esc_html__( 'View blocked domains in settings', 'activitypub' )
+		);
+	}
+
+	/**
+	 * Parse a CSV file and extract domain names.
 	 *
 	 * @param string $file_path Path to the CSV file.
 	 * @return array Array of unique, valid domain names.
@@ -306,80 +317,6 @@ public static function parse_csv( $file_path ) {
 			return array();
 		}
 
-		return self::parse_csv_string( $content );
-	}
-
-	/**
-	 * Parse CSV content from a string and extract domain names.
-	 *
-	 * Supports Mastodon CSV format (with #domain header) and simple
-	 * one-domain-per-line format.
-	 *
-	 * @param string $content CSV content as a string.
-	 * @return array Array of unique, valid domain names.
-	 */
-	public static function parse_csv_string( $content ) {
-		$domains = array();
-
-		if ( empty( $content ) ) {
-			return $domains;
-		}
-
-		// Split into lines.
-		$lines = \preg_split( '/\r\n|\r|\n/', $content );
-		if ( empty( $lines ) ) {
-			return $domains;
-		}
-
-		// Parse first line to detect format.
-		$first_line = \str_getcsv( $lines[0] );
-		$first_cell = \trim( $first_line[0] ?? '' );
-		$has_header = \str_starts_with( $first_cell, '#' ) || 'domain' === \strtolower( $first_cell );
-
-		// Find domain column index.
-		$domain_index = 0;
-		if ( $has_header ) {
-			foreach ( $first_line as $i => $col ) {
-				$col = \ltrim( \strtolower( \trim( $col ) ), '#' );
-				if ( 'domain' === $col ) {
-					$domain_index = $i;
-					break;
-				}
-			}
-			// Remove header from lines.
-			\array_shift( $lines );
-		}
-
-		// Process each line.
-		foreach ( $lines as $line ) {
-			$row    = \str_getcsv( $line );
-			$domain = \trim( $row[ $domain_index ] ?? '' );
-
-			// Skip empty lines and comments.
-			if ( empty( $domain ) || \str_starts_with( $domain, '#' ) ) {
-				continue;
-			}
-
-			if ( self::is_valid_domain( $domain ) ) {
-				$domains[] = \strtolower( $domain );
-			}
-		}
-
-		return \array_unique( $domains );
-	}
-
-	/**
-	 * Validate a domain name.
-	 *
-	 * @param string $domain The domain to validate.
-	 * @return bool True if valid, false otherwise.
-	 */
-	private static function is_valid_domain( $domain ) {
-		// Must contain at least one dot (filter_var would accept "localhost").
-		if ( ! \str_contains( $domain, '.' ) ) {
-			return false;
-		}
-
-		return (bool) \filter_var( $domain, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME );
+		return Blocklist_Subscriptions::parse_csv_string( $content );
 	}
 }
diff --git a/tests/phpunit/tests/includes/class-test-blocklist-subscriptions.php b/tests/phpunit/tests/includes/class-test-blocklist-subscriptions.php
new file mode 100644
index 0000000000..51b1110c39
--- /dev/null
+++ b/tests/phpunit/tests/includes/class-test-blocklist-subscriptions.php
@@ -0,0 +1,150 @@
+<?php
+/**
+ * Test Blocklist_Subscriptions class.
+ *
+ * @package Activitypub
+ */
+
+namespace Activitypub\Tests;
+
+use Activitypub\Blocklist_Subscriptions;
+
+/**
+ * Test Blocklist_Subscriptions class.
+ *
+ * @coversDefaultClass \Activitypub\Blocklist_Subscriptions
+ */
+class Test_Blocklist_Subscriptions extends \WP_UnitTestCase {
+
+	/**
+	 * Clean up after each test.
+	 */
+	public function tear_down(): void {
+		\delete_option( Blocklist_Subscriptions::OPTION_KEY );
+		parent::tear_down();
+	}
+
+	/**
+	 * Test get_all returns empty array when no subscriptions exist.
+	 *
+	 * @covers ::get_all
+	 */
+	public function test_get_all_returns_empty_array() {
+		$subscriptions = Blocklist_Subscriptions::get_all();
+
+		$this->assertIsArray( $subscriptions );
+		$this->assertEmpty( $subscriptions );
+	}
+
+	/**
+	 * Test get_all returns existing subscriptions.
+	 *
+	 * @covers ::get_all
+	 */
+	public function test_get_all_returns_subscriptions() {
+		$expected = array(
+			'https://example.com/blocklist.csv' => 1234567890,
+			'https://test.org/list.csv'         => 1234567891,
+		);
+		\update_option( Blocklist_Subscriptions::OPTION_KEY, $expected );
+
+		$subscriptions = Blocklist_Subscriptions::get_all();
+
+		$this->assertSame( $expected, $subscriptions );
+	}
+
+	/**
+	 * Test remove removes an existing subscription.
+	 *
+	 * @covers ::remove
+	 */
+	public function test_remove_existing_subscription() {
+		$subscriptions = array(
+			'https://example.com/blocklist.csv' => 1234567890,
+			'https://test.org/list.csv'         => 1234567891,
+		);
+		\update_option( Blocklist_Subscriptions::OPTION_KEY, $subscriptions );
+
+		$result = Blocklist_Subscriptions::remove( 'https://example.com/blocklist.csv' );
+
+		$this->assertTrue( $result );
+		$remaining = Blocklist_Subscriptions::get_all();
+		$this->assertCount( 1, $remaining );
+		$this->assertArrayNotHasKey( 'https://example.com/blocklist.csv', $remaining );
+		$this->assertArrayHasKey( 'https://test.org/list.csv', $remaining );
+	}
+
+	/**
+	 * Test remove returns false for non-existent subscription.
+	 *
+	 * @covers ::remove
+	 */
+	public function test_remove_nonexistent_subscription() {
+		$result = Blocklist_Subscriptions::remove( 'https://nonexistent.com/list.csv' );
+
+		$this->assertFalse( $result );
+	}
+
+	/**
+	 * Test add returns false for empty URL.
+	 *
+	 * @covers ::add
+	 */
+	public function test_add_empty_url() {
+		$result = Blocklist_Subscriptions::add( '' );
+
+		$this->assertFalse( $result );
+		$this->assertEmpty( Blocklist_Subscriptions::get_all() );
+	}
+
+	/**
+	 * Test add returns false for invalid URL format.
+	 *
+	 * @covers ::add
+	 */
+	public function test_add_invalid_url_format() {
+		// URL with spaces is invalid.
+		$result = Blocklist_Subscriptions::add( 'https://invalid url with spaces.com' );
+
+		$this->assertFalse( $result );
+		$this->assertEmpty( Blocklist_Subscriptions::get_all() );
+	}
+
+	/**
+	 * Test add returns true for already subscribed URL.
+	 *
+	 * @covers ::add
+	 */
+	public function test_add_already_subscribed() {
+		$url = 'https://example.com/blocklist.csv';
+		\update_option(
+			Blocklist_Subscriptions::OPTION_KEY,
+			array( $url => 1234567890 )
+		);
+
+		$result = Blocklist_Subscriptions::add( $url );
+
+		$this->assertTrue( $result );
+	}
+
+	/**
+	 * Test sync returns false when URL contains no valid domains.
+	 *
+	 * @covers ::sync
+	 */
+	public function test_sync_returns_false_for_no_valid_domains() {
+		$filter_http_request = function () {
+			return array(
+				'response' => array( 'code' => 200 ),
+				'body'     => "<html>\n<head><title>Not a blocklist</title></head>\n<body>Hello World</body>\n</html>",
+			);
+		};
+		\add_filter( 'pre_http_request', $filter_http_request );
+
+		$result = Blocklist_Subscriptions::sync( 'https://example.com/not-a-blocklist.html' );
+
+		\remove_filter( 'pre_http_request', $filter_http_request );
+
+		$this->assertFalse( $result );
+	}
+}