A while back, Google Chrome released an update designed to block forced redirect ads and pop-up ads. Of course, we were relieved as we thought it was the beginning to the end of ad redirection.
Sadly, we were wrong.
While various web browsers including Chrome and Firefox are now set up to block ad redirection, they don’t necessarily understand the difference between a “‘good” redirect and a “bad” redirect. Their coding simply directs them to block any and all pop-ups and redirects to save the user experience.
Additionally, forced redirect ads still slip through the cracks, and publishers are unable to figure out exactly where these forced redirect ads are coming from.
In this article, we’re going to tell you everything you need to know about forced ad redirects, including how to prevent them. Keep reading to learn more.
What Exactly Are Redirect Ads?
Basically, when a user visits a web page to get to specific content, and they get redirected to a different webpage without warning, it’s an ad redirect. This happens when there’s a third-party network running auto-redirecting ads on various sites and apps, and it often leads to a seemingly endless amount of pop-up ads cropping up on the screen — many of which directly install malicious software onto the user’s device.
Of course, the user has no idea that a third-party network is involved. They typically assume it’s the website owner that’s doing this while the owner in question has no idea these redirects are happening.
As a result, the user ends up installing an ad-blocker which in turn negatively impacts the publisher’s ad revenue earnings. Ad redirects are also challenging for publishers to detect and block because the advertisers serving the ads often change their ads’ behavior once they’ve been approved for space.
How Are They Implemented?
Most industry professionals are acutely aware of the fact that forced ad redirects are hard to pinpoint because they only appear under certain conditions, i.e., the time of the day, geographical location, wireless carrier, etc. This is essentially what allows redirects to surpass most ad security protocols.
The most common ways that ad redirects are placed, however, include the following:
- Ad Request Manipulation, which is when an ad request moves through various parties — ad networks, ad exchanges, etc. — before being sold. The bad actors involved embed malicious code this way, sending it back to the user’s device to redirect them.
- Malicious Code Implementation. While an ad is being created, it’s also being hard-coded with malicious redirection codes. The malicious codes are designed to go off when a user gives an impression or clicks on an ad, resulting in the user’s screen getting bombarded with ads and tabs that open on their own.
- Meta Refresh Tags. These tags are used to redirect users to a new tab or completely refresh their existing tabs. This is where cybercriminals make a move to manipulate the meta fresh tags and install an invisible countdown that counts down to a forced redirect.
It’s important to keep in mind that not all redirects come with malicious intent. However, it’s best practice to assume that they do, especially considering that regardless of intent, they will cause your bounce rate to spike.
How to Identify and Prevent Forced Redirect Ads
There are a handful of things you need to do if you want to be able to manage the number of forced redirects that crop up on your website. You may not be able to fully prevent redirects, but by taking the following actions, you’ll be able to clean up your site as much as possible.
Here’s what you need to do:
Start monitoring the redirects
This is arguably the most difficult step in identifying redirects, but that’s mostly because publishers don’t realize what’s happening until they see a significant decrease in their ad revenue.
Once a publisher starts monitoring for the redirects, they can start determining their main source. To do this, you would need to use a specific web proxy that detects and records the data received by your web browser. This is known as a Charles proxy, and it’ll give you insight into the requests being transferred when your site is accessed.
Use the right technology
There are redirect detection tools out there that can help your website detect the number of redirects per ad unit. Most of these tools can also be used to further identify the cybercriminal behind the redirects.
The only downside to using detection technology is that the service works by scanning all the ad units on a web page before allowing them to load onto the user’s browser which causes page latency.
Reevaluate your SSPS and other networks
Make sure that you have reliable demand partners on your side before giving them access to your ad units. While it’s best to work with multiple partners to maximize your ad revenue, you want to avoid anyone who utilizes the practice of redirects.
It also helps to manually turn off demand partners one at a time to see if the ad redirects slow down or stop with each one. If you find a partner that’s contributing to your redirect problem, you can reach out to them to let them know and ask them to reevaluate their partners and do the same.
Of course, this only works for header bidding and private exchanges.
Use SafeFrame
You can restrict the behavior of poor ad behavior by using SafeFrame’s technology. With SafeFrame, ads are put directly inside a safe iFrame box that prevents them from “misbehaving.”
Unfortunately, this option tends to restrict third-party vendors from accessing important data from publishers’ sites. This would include viewability analyzing tools and brand safety products
Dealing with forced ad redirects is an ongoing process. Think of it as website maintenance — but don’t wait until your ad revenue drops. Otherwise, you’ll have to work twice as hard to recoup that ad revenue.
Thanks