How to Deal With Forced Ad Redirects

Reading time: 4 minutes

A while back, Google Chrome released an update designed to block forced redirect ads and pop-up ads. Of course, we were relieved as we thought it was the beginning to the end of ad redirection.

Sadly, we were wrong.

While various web browsers including Chrome and Firefox are now set up to block ad redirection, they don’t necessarily understand the difference between a “‘good” redirect and a “bad” redirect. Their coding simply directs them to block any and all pop-ups and redirects to save the user experience.

Additionally, forced redirect ads still slip through the cracks, and publishers are unable to figure out exactly where these forced redirect ads are coming from.

In this article, we’re going to tell you everything you need to know about forced ad redirects, including how to prevent them. Keep reading to learn more.

What Exactly Are Redirect Ads?

Basically, when a user visits a web page to get to specific content, and they get redirected to a different webpage without warning, it’s an ad redirect. This happens when there’s a third-party network running auto-redirecting ads on various sites and apps, and it often leads to a seemingly endless amount of pop-up ads cropping up on the screen — many of which directly install malicious software onto the user’s device. 

Of course, the user has no idea that a third-party network is involved. They typically assume it’s the website owner that’s doing this while the owner in question has no idea these redirects are happening.

As a result, the user ends up installing an ad-blocker which in turn negatively impacts the publisher[6]’s ad revenue earnings. Ad redirects are also challenging for publishers to detect and block because the advertisers serving the ads often change their ads’ behavior once they’ve been approved for space.    

How Are They Implemented?

Most industry professionals are acutely aware of the fact that forced ad redirects are hard to pinpoint because they only appear under certain conditions, i.e., the time of the day, geographical location, wireless carrier, etc. This is essentially what allows redirects to surpass most ad security protocols.

The most common ways that ad redirects are placed, however, include the following:

  • Ad Request[1] Manipulation, which is when an ad request moves through various parties — ad networks, ad exchanges, etc. — before being sold. The bad actors involved embed malicious code this way, sending it back to the user’s device to redirect them.
  • Malicious Code Implementation. While an ad is being created, it’s also being hard-coded with malicious redirection codes. The malicious codes are designed to go off when a user gives an impression[2] or clicks on an ad, resulting in the user’s screen getting bombarded with ads and tabs that open on their own. 
  • Meta Refresh Tags. These tags are used to redirect users to a new tab or completely refresh their existing tabs. This is where cybercriminals make a move to manipulate the meta fresh tags and install an invisible countdown that counts down to a forced redirect.

It’s important to keep in mind that not all redirects come with malicious intent. However, it’s best practice to assume that they do, especially considering that regardless of intent, they will cause your bounce rate[3] to spike. 

How to Identify and Prevent Forced Redirect Ads

There are a handful of things you need to do if you want to be able to manage the number of forced redirects that crop up on your website. You may not be able to fully prevent redirects, but by taking the following actions, you’ll be able to clean up your site as much as possible. 

Here’s what you need to do:

Start monitoring the redirects

This is arguably the most difficult step in identifying redirects, but that’s mostly because publishers don’t realize what’s happening until they see a significant decrease in their ad revenue. 

Once a publisher starts monitoring for the redirects, they can start determining their main source. To do this, you would need to use a specific web proxy that detects and records the data received by your web browser. This is known as a Charles proxy, and it’ll give you insight into the requests being transferred when your site is accessed. 

Use the right technology

There are redirect detection tools out there that can help your website detect the number of redirects per ad unit[7]. Most of these tools can also be used to further identify the cybercriminal behind the redirects.

The only downside to using detection technology is that the service works by scanning all the ad units on a web page before allowing them to load onto the user’s browser which causes page latency.

Reevaluate your SSPS and other networks

Make sure that you have reliable demand partners on your side before giving them access to your ad units. While it’s best to work with multiple partners to maximize your ad revenue, you want to avoid anyone who utilizes the practice of redirects.

It also helps to manually turn off demand partners one at a time to see if the ad redirects slow down or stop with each one. If you find a partner that’s contributing to your redirect problem, you can reach out to them to let them know and ask them to reevaluate their partners and do the same. 

Of course, this only works for header bidding[4] and private exchanges.

Use SafeFrame

You can restrict the behavior of poor ad behavior by using SafeFrame’s technology. With SafeFrame, ads are put directly inside a safe iFrame[8] box that prevents them from “misbehaving.”

Unfortunately, this option tends to restrict third-party vendors from accessing important data from publishers’ sites. This would include viewability[5] analyzing tools and brand safety products

Dealing with forced ad redirects is an ongoing process. Think of it as website maintenance — but don’t wait until your ad revenue drops. Otherwise, you’ll have to work twice as hard to recoup that ad revenue.

1. Ad Request. Ad Request is an action where your website sends a request to your ad server to fill an ad unit with an advertisement. An ad request is made when a user starts loading your webpage/mobile app. The ad request action will happen for every ad unit on a specific webpage. Ad requests can be counted even if no ads were returned/delivered from your advertisers.
2. impression. Impression is when a user views an ad on a page or when an ad is displayed on a webpage.
3. bounce rate. Percentage of users that visit a page and then leave the site in a short time frame without visiting any other pages at that site.
4. header bidding. Header bidding is an ad technology that allows publishers to earn to most ad revenue possible for their ad inventory by ensuring the highest bidding ad is served.
5. viewability. Viewability relates to the amount of time a user saw an ad.

Recent Articles

Related Articles

1 Comment

Leave A Reply

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay connected

Don't miss out on the latest news, events and special announcements.

By submitting this form, you agree that you've read and accept our Privacy Policy as well as to receive communications from You may unsubscribe at any time.