diff --git a/docker-compose.yml b/docker-compose.yml
index 70a68019..6cc03e12 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -80,8 +80,8 @@ services:
     mssql:
         image: mcr.microsoft.com/mssql/server:2022-latest
         environment:
-          - ACCEPT_EULA=Y
-          - SA_PASSWORD=P@ssword # must be the same as TENANCY_TEST_SQLSRV_PASSWORD
+            ACCEPT_EULA: "Y"
+            SA_PASSWORD: "P@ssword" # must be the same as TENANCY_TEST_SQLSRV_PASSWORD
         healthcheck: # https://github.com/Microsoft/mssql-docker/issues/133#issuecomment-1995615432
             test: timeout 2 bash -c 'cat < /dev/null > /dev/tcp/127.0.0.1/1433'
             interval: 10s
diff --git a/src/Database/Concerns/PendingScope.php b/src/Database/Concerns/PendingScope.php
index 99a5ef59..e8805d8a 100644
--- a/src/Database/Concerns/PendingScope.php
+++ b/src/Database/Concerns/PendingScope.php
@@ -14,7 +14,7 @@ class PendingScope implements Scope
     /**
      * Apply the scope to a given Eloquent query builder.
      *
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      *
      * @return void
      */
diff --git a/src/Database/ParentModelScope.php b/src/Database/ParentModelScope.php
index 44f4ac12..9268fea9 100644
--- a/src/Database/ParentModelScope.php
+++ b/src/Database/ParentModelScope.php
@@ -12,7 +12,7 @@ use Illuminate\Database\Eloquent\Scope;
 class ParentModelScope implements Scope
 {
     /**
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      */
     public function apply(Builder $builder, Model $model): void
     {
diff --git a/src/Database/TenantScope.php b/src/Database/TenantScope.php
index 94ff4572..c6ce5f09 100644
--- a/src/Database/TenantScope.php
+++ b/src/Database/TenantScope.php
@@ -13,7 +13,7 @@ use Stancl\Tenancy\Tenancy;
 class TenantScope implements Scope
 {
     /**
-     * @param Builder<Model> $builder
+     * @param Builder<covariant Model> $builder
      */
     public function apply(Builder $builder, Model $model)
     {
diff --git a/src/Jobs/DeleteDatabase.php b/src/Jobs/DeleteDatabase.php
index b59a1c05..ad022fda 100644
--- a/src/Jobs/DeleteDatabase.php
+++ b/src/Jobs/DeleteDatabase.php
@@ -22,12 +22,34 @@ class DeleteDatabase implements ShouldQueue
         protected TenantWithDatabase&Model $tenant,
     ) {}
 
+    /** Skip database deletion if the create_database internal attribute is false. */
+    public static bool $skipWhenCreateDatabaseIsFalse = true;
+
+    /** Ignore exceptions thrown during database deletion and continue execution. */
+    public static bool $ignoreFailures = false;
+
     public function handle(): void
     {
+        if (static::$skipWhenCreateDatabaseIsFalse && $this->tenant->getInternal('create_database') === false) {
+            // If database creation was skipped, we presume deletion should also be skipped.
+            // To avoid this skip, either unset the `create_database` attribute (or make it true), or
+            // set the $skipWhenCreateDatabaseIsFalse static property to false.
+            return;
+        }
+
         event(new DeletingDatabase($this->tenant));
 
-        $this->tenant->database()->manager()->deleteDatabase($this->tenant);
+        $deleted = false;
 
-        event(new DatabaseDeleted($this->tenant));
+        try {
+            $this->tenant->database()->manager()->deleteDatabase($this->tenant);
+            $deleted = true;
+        } catch (\Throwable $e) {
+            if (! static::$ignoreFailures) {
+                throw $e;
+            }
+        }
+
+        if ($deleted) event(new DatabaseDeleted($this->tenant));
     }
 }
diff --git a/src/Middleware/PreventAccessFromUnwantedDomains.php b/src/Middleware/PreventAccessFromUnwantedDomains.php
index cdfa3b2c..7f628583 100644
--- a/src/Middleware/PreventAccessFromUnwantedDomains.php
+++ b/src/Middleware/PreventAccessFromUnwantedDomains.php
@@ -31,10 +31,12 @@ class PreventAccessFromUnwantedDomains
     {
         $route = tenancy()->getRoute($request);
 
-        if ($this->shouldBeSkipped($route) || tenancy()->routeIsUniversal($route)) {
+        if ($this->shouldBeSkipped($route)) {
             return $next($request);
         }
 
+        // If the route is universal, neither of these checks will pass and the logic will
+        // fall through to the $next($request) call at the end.
         if ($this->accessingTenantRouteFromCentralDomain($request, $route) || $this->accessingCentralRouteFromTenantDomain($request, $route)) {
             $abortRequest = static::$abortRequest ?? function () {
                 abort(404);
diff --git a/src/Resolvers/DomainTenantResolver.php b/src/Resolvers/DomainTenantResolver.php
index 9535cdf2..59ebb81f 100644
--- a/src/Resolvers/DomainTenantResolver.php
+++ b/src/Resolvers/DomainTenantResolver.php
@@ -7,6 +7,7 @@ namespace Stancl\Tenancy\Resolvers;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Database\Eloquent\Relations\Relation;
+use Illuminate\Support\Arr;
 use Illuminate\Support\Str;
 use Stancl\Tenancy\Contracts\Domain;
 use Stancl\Tenancy\Contracts\SingleDomainTenant;
@@ -58,7 +59,19 @@ class DomainTenantResolver extends Contracts\CachedTenantResolver
 
     public static function isSubdomain(string $domain): bool
     {
-        return Str::endsWith($domain, config('tenancy.identification.central_domains'));
+        $centralDomains = Arr::wrap(config('tenancy.identification.central_domains'));
+
+        if (in_array($domain, $centralDomains, true)) {
+            return false;
+        }
+
+        foreach ($centralDomains as $centralDomain) {
+            if (Str::endsWith($domain, '.' . $centralDomain)) {
+                return true;
+            }
+        }
+
+        return false;
     }
 
     public function resolved(Tenant $tenant, mixed ...$args): void
diff --git a/tests/DatabasePreparationTest.php b/tests/DatabasePreparationTest.php
index 1f3a4f09..ccf7eb2e 100644
--- a/tests/DatabasePreparationTest.php
+++ b/tests/DatabasePreparationTest.php
@@ -2,17 +2,27 @@
 
 declare(strict_types=1);
 
+use Illuminate\Database\QueryException;
 use Illuminate\Support\Facades\Event;
 use Illuminate\Support\Facades\Schema;
 use Stancl\JobPipeline\JobPipeline;
 use Stancl\Tenancy\Events\TenantCreated;
+use Stancl\Tenancy\Events\TenantDeleted;
 use Stancl\Tenancy\Jobs\CreateDatabase;
+use Stancl\Tenancy\Jobs\DeleteDatabase;
 use Stancl\Tenancy\Jobs\MigrateDatabase;
 use Stancl\Tenancy\Jobs\SeedDatabase;
 use Stancl\Tenancy\Tests\Etc\Tenant;
 use Illuminate\Foundation\Auth\User as Authenticable;
 use Stancl\Tenancy\Tests\Etc\TestSeeder;
 
+beforeEach($cleanup = function () {
+    DeleteDatabase::$ignoreFailures = false;
+    DeleteDatabase::$skipWhenCreateDatabaseIsFalse = true;
+});
+
+afterEach($cleanup);
+
 test('database can be created after tenant creation', function () {
     config(['tenancy.database.template_tenant_connection' => 'mysql']);
 
@@ -82,6 +92,73 @@ test('custom job can be added to the pipeline', function () {
     });
 });
 
+test('database can be deleted after tenant deletion', function () {
+    Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
+        return $event->tenant;
+    })->toListener());
+
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    $tenant = Tenant::create();
+    $manager = $tenant->database()->manager();
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeTrue();
+
+    $tenant->delete();
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+});
+
+test('database deletion is skipped when create_database is false', function (bool $skipWhenCreateDatabaseIsFalse) {
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    // create_database=false means no DB is created (e.g. tenant uses a pre-existing DB)
+    // On deletion, DeleteDatabase should skip rather than attempting DROP DATABASE on a non-existent DB
+    $tenant = Tenant::create(['tenancy_create_database' => false, 'tenancy_db_name' => 'non_existing_db']);
+
+    $manager = $tenant->database()->manager();
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+
+    DeleteDatabase::$skipWhenCreateDatabaseIsFalse = $skipWhenCreateDatabaseIsFalse;
+
+    if ($skipWhenCreateDatabaseIsFalse) {
+        $tenant->delete(); // no exception
+    } else {
+        expect(fn () => $tenant->delete())->toThrow(QueryException::class, "database doesn't exist");
+    }
+
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+})->with([true, false]);
+
+test('database deletion failure is ignored when ignoreFailures is true', function (bool $ignoreFailures) {
+    Event::listen(TenantCreated::class, JobPipeline::make([CreateDatabase::class])->send(function (TenantCreated $event) {
+        return $event->tenant;
+    })->toListener());
+
+    Event::listen(TenantDeleted::class, JobPipeline::make([DeleteDatabase::class])->send(function (TenantDeleted $event) {
+        return $event->tenant;
+    })->toListener());
+
+    DeleteDatabase::$ignoreFailures = $ignoreFailures;
+
+    $tenant = Tenant::create();
+    $manager = $tenant->database()->manager();
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeTrue();
+
+    $manager->deleteDatabase($tenant); // manually delete so the job fails
+    expect($manager->databaseExists($tenant->database()->getName()))->toBeFalse();
+
+    if ($ignoreFailures) {
+        $tenant->delete(); // no exception
+    } else {
+        expect(fn () => $tenant->delete())->toThrow(QueryException::class, "database doesn't exist");
+    }
+})->with([true, false]);
+
 class User extends Authenticable
 {
     protected $guarded = [];
diff --git a/tests/EarlyIdentificationTest.php b/tests/EarlyIdentificationTest.php
index e6c08d26..4521b613 100644
--- a/tests/EarlyIdentificationTest.php
+++ b/tests/EarlyIdentificationTest.php
@@ -300,7 +300,7 @@ test('using different default route modes works with global domain identificatio
         $exception = match ($middleware) {
             InitializeTenancyByDomain::class => TenantCouldNotBeIdentifiedOnDomainException::class,
             InitializeTenancyBySubdomain::class => NotASubdomainException::class,
-            InitializeTenancyByDomainOrSubdomain::class => NotASubdomainException::class,
+            InitializeTenancyByDomainOrSubdomain::class => TenantCouldNotBeIdentifiedOnDomainException::class,
         };
 
         expect(fn () => $this->withoutExceptionHandling()->get('http://localhost/central-route'))->toThrow($exception);
diff --git a/tests/SubdomainTest.php b/tests/SubdomainTest.php
index a7cc58ae..62e002f2 100644
--- a/tests/SubdomainTest.php
+++ b/tests/SubdomainTest.php
@@ -7,6 +7,7 @@ use Stancl\Tenancy\Database\Concerns\HasDomains;
 use Stancl\Tenancy\Exceptions\NotASubdomainException;
 use Stancl\Tenancy\Middleware\InitializeTenancyBySubdomain;
 use Stancl\Tenancy\Database\Models;
+use Stancl\Tenancy\Resolvers\DomainTenantResolver;
 use function Stancl\Tenancy\Tests\pest;
 
 beforeEach(function () {
@@ -108,6 +109,14 @@ test('we cant use a subdomain that doesnt belong to our central domains', functi
         ->get('http://foo.localhost/foo/abc/xyz');
 });
 
+test('domain resolver correctly determines if string is a subdomain', function() {
+    config(['tenancy.identification.central_domains' => ['site.com', 'blog.site.com']]);
+
+    expect(DomainTenantResolver::isSubdomain('blog.site.com'))->toBeFalse();
+    expect(DomainTenantResolver::isSubdomain('tenant.site.com'))->toBeTrue();
+    expect(DomainTenantResolver::isSubdomain('tenantsite.com'))->toBeFalse();
+});
+
 class SubdomainTenant extends Models\Tenant
 {
     use HasDomains;