Forum Moderators: martinibuster


Getting Clickbombed and Frustrated

         

friedclyde

1:27 pm on Dec 16, 2020 (gmt 0)

5+ Year Member



Hi, I haven't been here for a long time. My AdSense income has been a trickle, but it's been something that helps pay a few bills and I depend on it.

A few months ago I started using Gtranslate (paid) on subdomains (nl.url.com etc.) and everything was fine; I had a bit of a bump in search engine traffic.

One day I woke up and my AdSense was through the roof. I knew it was a click bomb; I didn't bother because I knew it would reset, but this went on: after every reset it went back to getting bombed. I filled out the invalid click form and got no response.

Then I noticed I was getting a lot of activity or visitors from the Gtranslate IP. I reached out to them and they said that they pass on the IPs etc., but my Wordfence was still showing me their server IPs and not the visitor's.

So I just blocked their entire IP range and deleted my subdomains, but it didn't stop. The weirdest part is, it's been around 36 hours since I completely removed AdSense and I'm still getting clicks.

I've looked at my analytics and it's not showing me any clicks on ads. Then I've gone through server logs, loads of them, and have not found anything really odd. I searched via browsers, blacklisted IPs, and had no luck. I cleared out my ads.txt file and only left my account.

I also use Advanced Ads and I used the click fraud feature as well as blocked bots from seeing ads, but nothing seems to have stopped this.

I have clicks from the Netherlands and Zimbabwe and Russia, ads are only allowed to appear on my website and I have no clue what's going on.

Any kind of light here will be appreciated; this is the first time in over a decade I'm dealing with something like this. It's been over two weeks now and after a week or so, even my real clicks stopped making any $.

Thank you

engine

3:05 pm on Dec 16, 2020 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Welcome back.

It's really important you try and get to the bottom of it because you are responsible, and Google has its way of dealing with this which punishes the AdSense publisher.

I'm sure there are lots of questions, but one worth exploring - has your site been cloned? Do a search and start looking just in case.

Added, here's what Google AdSense says [support.google.com...]

NickMNS

3:14 pm on Dec 16, 2020 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



My guess is that gTranslate has cached a version of your website, and that cached version is still available.

NickMNS

3:53 pm on Dec 16, 2020 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



One more thought. Are the clicks in AdSense showing as being from your own domain, or from a gTranslate domain?

engine

4:02 pm on Dec 16, 2020 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



> gTranslate has cached a version of your website

Good point. I thought there was no persistence with the cache, unless someone has saved it.

puente

11:18 pm on Dec 16, 2020 (gmt 0)

5+ Year Member Top Contributors Of The Month



had the same issue myself multiple times in the past. italy was a big nuisance in majority of my cases. first, be sure in adsense you specify/register your sites. that helps if someone scrapes your pages with your ads and serves them from another site/server. then you have 2 choices:
- manually or semi-manually combat the offenders by checking your logs and blocking abusers or their network prefixes or even their countries.
- use services like cloudflare to do the job but much more easily.

i did the former for a long period and eventually got battle fatigued. then i switched to the latter, cloudflare, and haven't looked back. some day cloudflare will become too big and evil but for now can't thank them enough. they give away a crap ton of services for free.

friedclyde

6:14 am on Dec 19, 2020 (gmt 0)

5+ Year Member



Just putting up an update here: Gtranslate asked me to remove their code from the .htaccess, which ideally should have happened when I disabled their plugin a week ago. They insist that my site isn't cached with them anymore and the traffic will stop when the search engine de-indexes the pages... for some reason I find these contradictory.

AdSense responded, which was a shocker ;) But I have doubts they will provide me with the info I asked for, basically where the clicks are coming from, because I'm still lost.

I moved to Cloudflare and disabled Wordfence. This month is gone for me, I have missed the bus; the cherry on the cow dung cake this year has been :) But my site looks so much better without ads :D

Thanks for the suggestions. Cloudflare has been blocking some traffic from the Netherlands which never even showed up in my analytics, so I think it's working, fingers crossed. I'm just going to give it a day or two and then try putting up the ads again :| Have a wonderful season!

engine

11:34 am on Dec 20, 2020 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



Thanks for the update, friedclyde, and it sounds like you may have it sorted.

friedclyde

5:35 am on Dec 27, 2020 (gmt 0)

5+ Year Member



Yes, it's absolutely sorted... I don't have any more clickbombing because I have no ads from AdSense anymore; they stopped serving ads because of invalid clicks. I have been with AdSense since 2004/6, around that time, so this is the first time I have dealt with this. My usual clawback has been negligible.

Gtranslate may have been making it easier for them, but the problem overall is much larger.
Why has it been so tough to stop these clicks? Because I believe it's not just bots but real humans with nothing better to do during the lockdown. They are passing through the JS tasks on Cloudflare and clicking on ads.

They're coming in through VPNs, especially Tor, and their IPs are changing continuously, so I have made a little more than a 100 this month, which would be close to 4 digits if not over 4 digits. So I have spoken to Cloudways and they ask me for some kind of proof or evidence of what's going on, and all I can show them is Google's notice for invalid clicks lol

I blocked Tor completely and 2 days later my ads were taken down. So I'm just going to wait it out for now; hopefully Cloudflare will pick up some more stuff automatically and I'll poke around, put some Media.net ads maybe, and check if I get clicked there lol :D

Then add adsense back.

tangor

9:34 am on Dec 27, 2020 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Meanwhile, while waiting for the automagicaladstuff to come back to life, don't forget Direct Sales. Surely there are companies and others that might want to piggy on your back if the dollars are right? (Been doing that near 20 years, and never looked back.)

Just a suggestion!

Hopefully your recent ugly has been fully sorted!

puente

7:34 pm on Dec 29, 2020 (gmt 0)

5+ Year Member Top Contributors Of The Month



@friedclyde are you saying adsense actually blacklisted you or you yourself removed the adsense tags?

if the former, there had to be a ton of bad clicks and in that case you must have been targeted for people to actually expend the time and resources to worm their way to your site just to click ads.

acts like that are normally followed by bitcoin ransom demands, unless it's a jilted lover with ample time determined to annoy you.

friedclyde

6:29 am on Dec 30, 2020 (gmt 0)

5+ Year Member



@tangor Well, I'm open to direct sales but I am not sure how to price them. I usually ask for a premium above what I make from AdSense; it never really worked lol. Could you suggest whether it should be lower than AdSense, and rotate them or something?

@puente Hi, so I've ended up blocking Tor completely and 3 countries so far that don't affect my rev too much but have been mainly responsible for this. Google removed the ads, and told me they will usually be reinstated within 30 days and sometimes longer. But I'm already seeing a little more ads coming in: yesterday I made $1 +.25 :D, today $3, and the coverage is increasing, so I'm kind of happy.

Jilted lover across the world, send me a ticket please, even though I'm positive it's my balding head that you find attractive. Bitcoin ransom is a little too far-fetched; maybe a competitor or something along those lines, or just someone who doesn't approve of the content we put out :|

tangor

8:43 am on Dec 31, 2020 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



@friedclyde ... Direct sales is a bit different than cut and paste. Involves actually talking to the advertiser and setting/meeting goals both agree are possible for a set fee.

In other words, it takes a bit of work. But done with good heart and full effort, pays WAY more than the cut and paste stuff. :)

And both parties walk away with large smiles.

friedclyde

12:40 pm on Dec 31, 2020 (gmt 0)

5+ Year Member



Thanks Tangor

I just started getting some ads and, can you believe it, I'm getting clicked from the country that is in the block list. I'm honestly fed up: one month and I haven't been able to get this right, wow.

tangor

4:14 am on Jan 5, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Gotta ask, where is your "block list" located? If on g, that's not sufficient.

Do your blocks at site level via .htaccess---or other equivalent if not Apache ...

das_bends

8:52 am on Jan 11, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



Did you ever end up resolving this?

friedclyde

2:02 pm on Feb 23, 2021 (gmt 0)

5+ Year Member



No, I'm still struggling with it... I've done everything mentioned here... this is really driving me mad. I've had virtually 3 months of revenue and I'm thankful that I have a side stream of revenue that is offline atm, otherwise I would be finished.

Seriously, the last year was bad and I made $100 odd in December when it should have been a $1000+, which helps me get through the bad months of the year.

I've done each and every thing mentioned here, but it stops for a day or two and comes back again.

friedclyde

2:06 pm on Feb 23, 2021 (gmt 0)

5+ Year Member



@tangor I have the blocklist on Cloudflare and Wordfence
Yes, I have two paid firewalls
Today I enabled another free one....

tangor

6:03 am on Feb 24, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



@friedclyde ... Sounds like progress being made. Do you do any blocklist at YOUR end? The off site sourced can help, but in the end only YOU know what really needs to be blocked (from raw logs).

friedclyde

8:17 pm on Feb 25, 2021 (gmt 0)

5+ Year Member



what do you think about this?

https://arxiv.org/ftp/arxiv/papers/1509/1509.07741.pdf



[edited by: not2easy at 9:02 pm (utc) on Feb 25, 2021]
[edit reason] delinked pdf file for accessibility [/edit]

NickMNS

9:40 pm on Feb 25, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



It's an interesting paper. I would be surprised if it were still possible today, but it is not impossible. There is a link to the code so you could always try it yourself.

The important part of this is that the website receiving the clicks is not the one receiving the traffic. In your case you are receiving the clicks, and not the traffic. If I understood the paper correctly, this means that your website is being loaded in an iframe, and then ads are being clicked.

You can prevent this by setting the HTTP header "X-FRAME-OPTIONS" to "deny" for all iframes everywhere or "same-origin" if you are using iframes within your own website.

Now that I have written this post, the basic idea that someone is using your site within an iframe, seems not only plausible but likely. Set the header and see what happens.

puente

10:18 pm on Feb 25, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



> ... the basic idea that someone is using your site within an iframe, seems not only plausible but likely.

as a note, if the traffic logs contain referer headers then it should be pretty simple to verify that possibility.
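
Added example (not part of the thread): one way to run the Referer check suggested above over raw access logs. It assumes the Apache/Nginx "combined" log format; the host names, IP addresses and log lines are constructed placeholders.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# "combined" format: ip - user [time] "METHOD path proto" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)
STATIC_EXT = (".css", ".js", ".png", ".jpg", ".jpeg", ".gif", ".svg", ".ico", ".woff2")

def external_referers(lines, trusted_hosts):
    """Count page views whose Referer host is set and is not a trusted host.

    trusted_hosts: your own domain plus any referrers you already know
    (subdomains of a trusted host are trusted too).
    """
    trusted = {h.lower() for h in trusted_hosts}
    hits = Counter()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["method"] != "GET" or m["status"] != "200":
            continue
        if urlsplit(m["path"]).path.lower().endswith(STATIC_EXT):
            continue  # only HTML documents are loaded as the frame itself
        host = (urlsplit(m["referer"]).hostname or "").lower()
        if not host:
            continue  # "-" or empty: no Referer was sent
        if host in trusted or any(host.endswith("." + t) for t in trusted):
            continue
        hits[host] += 1
    return hits

# Constructed sample lines (documentation IP ranges, placeholder domains).
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Feb/2021:10:00:01 +0000] "GET /article-1/ HTTP/1.1" 200 5120 "https://framer.example.net/page.html" "Mozilla/5.0"',
    '203.0.113.8 - - [25/Feb/2021:10:00:05 +0000] "GET /article-1/ HTTP/1.1" 200 5120 "https://framer.example.net/page.html" "Mozilla/5.0"',
    '198.51.100.4 - - [25/Feb/2021:10:00:09 +0000] "GET /article-2/ HTTP/1.1" 200 4800 "https://www.example.com/" "Mozilla/5.0"',
    '198.51.100.4 - - [25/Feb/2021:10:00:10 +0000] "GET /style.css HTTP/1.1" 200 900 "https://framer.example.net/page.html" "Mozilla/5.0"',
    '192.0.2.9 - - [25/Feb/2021:10:00:12 +0000] "GET /article-3/ HTTP/1.1" 200 4700 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, count in external_referers(SAMPLE_LOG, ["example.com"]).most_common():
        print(f"{count:6d}  {host}")
```

Search engines and social sites will show up in the output as well; the hosts worth a closer look are unfamiliar ones that send many page views. A framing page can also suppress the Referer, so an empty result does not rule framing out.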

friedclyde

4:44 am on Feb 26, 2021 (gmt 0)

5+ Year Member



hey Nick

yes these guys are not hitting my website/server/nothing

thing is, I have the X-Frame-Options in my .htaccess... now I was searching and read somewhere that the X-Frame-Options are now ignored in the .htaccess in some browsers, so this is where I think the issue is stemming from. I can't seem to find where I read that... I decided to shift hosting from being "managed by Cloudways" to being "managed by WPE" for now... I already see a big boost in speed. I hope I don't go broke... I'm basically fed up with managing all the stuff myself, and my offline business is my new focus because of the way things have been going, so

NickMNS

5:26 am on Feb 26, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Here:
[developer.mozilla.org...]
here:
[developer.mozilla.org...]
and here:
[developer.mozilla.org...]

Most importantly from the first link:
Note: The Content-Security-Policy HTTP header has a frame-ancestors directive which obsoletes this header for supporting browsers.

What this language suggests to me is that X-Frame is still needed for older browsers but can be replaced by the CSP header for "supporting" browsers.

Also be careful to use the "frame-ancestors" directive; using "frame-src" will prevent you from loading any iframes on your website, basically disabling AdSense completely.

All this may not work regardless, because these are headers and they can be ignored (either intentionally, or because the browser doesn't support them). As explained in this link, which proposes "frame busting" scripts as a final solution.
[cheatsheetseries.owasp.org...]
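
Added example (not part of the thread): a small audit of a response's anti-framing headers that covers the points raised above, namely X-Frame-Options for older browsers, CSP `frame-ancestors` for current ones, and the `frame-src` mix-up that blocks a page's own embedded ad iframes. The header sets are constructed; in practice you would pass in the headers your server actually returns.

```python
def parse_csp(value):
    """Return {directive: [source, ...]} for one Content-Security-Policy value."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() not in policy:  # first occurrence wins
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def audit_framing_headers(headers):
    """Return a list of findings about who may frame this response."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []

    # X-Frame-Options: only DENY and SAMEORIGIN are honoured by current browsers.
    xfo = h.get("x-frame-options", "").strip().upper()
    if not xfo:
        findings.append("X-Frame-Options missing: no protection in older browsers")
    elif xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(f"X-Frame-Options value {xfo!r} is not DENY or SAMEORIGIN and is ignored")

    csp = parse_csp(h.get("content-security-policy", ""))

    # frame-ancestors controls which sites may embed THIS page.
    ancestors = csp.get("frame-ancestors")
    if ancestors is None:
        findings.append("CSP has no frame-ancestors directive")
    elif any(src in ("*", "http:", "https:") for src in ancestors):
        findings.append("frame-ancestors allows any site to frame the page")

    # frame-src controls what this page may embed; it does not stop framing.
    frame_src = csp.get("frame-src")
    if frame_src is not None and set(frame_src) <= {"'none'", "'self'"}:
        findings.append("frame-src blocks third-party iframes (ad slots) and does not prevent framing")
    return findings

# Constructed header sets: a misconfigured response and a corrected one.
WEAK = {
    "X-Frame-Options": "same-origin",
    "Content-Security-Policy": "default-src 'self'; frame-src 'self'",
}
FIXED = {
    "X-Frame-Options": "SAMEORIGIN",
    "Content-Security-Policy": "frame-ancestors 'self'",
}

if __name__ == "__main__":
    for name, hdrs in (("weak", WEAK), ("fixed", FIXED)):
        print(name, audit_framing_headers(hdrs) or "no findings")
```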


londrum

1:07 pm on Feb 26, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



if you don't want to put it in your htaccess file then you can stick this line at the top of all your php pages, which does the same thing
header('X-Frame-Options: SAMEORIGIN');

friedclyde

6:32 am on Mar 1, 2021 (gmt 0)

5+ Year Member



:) londrum, thanks for that, but I have all the security measures in place, at least all the XFO options

@Nick Sadly, I have now put in all the CSP and I have no choice but to move on to frame busting scripts, which I will again have to study and implement. When I block AdSense with CSP on my site, that's when it works with the clickjacking

Moving to WPE only made the site load faster; basically someone around the world somewhere really doesn't like my website :|

friedclyde

6:41 am on Mar 1, 2021 (gmt 0)

5+ Year Member



OK, frame busting was way easier than CSP :| I can now get a PhD in clickjacking prevention. I just hope it works... I hope this stuff doesn't happen to any of you, this is kind of ridiculous... ad clicks yes, but imagine stealing Facebook likes, shares etc. as well... can't really keep a tab on that...

lammert

11:05 am on Mar 1, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



> They're coming in through VPNs, especially Tor, and their IPs are changing continuously

If you are using Cloudflare, you can switch IP Geolocation on in the Network section. Country codes are then sent as a header to your server. The Tor network has a special country code T1. As an example in PHP, to block Tor users and users from China, you can use the following piece of code.
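<?php
// Country codes to refuse; Cloudflare reports Tor as the special code "T1".
$block_list = array( "T1", "CN" );

// The CF-IPCountry header is only present for requests that came through
// Cloudflare with IP Geolocation switched on, so default to an empty string.
$country_code = isset( $_SERVER["HTTP_CF_IPCOUNTRY"] ) ? $_SERVER["HTTP_CF_IPCOUNTRY"] : "";

if ( ! empty( $country_code ) && in_array( $country_code, $block_list, true ) ) {
    header( 'HTTP/1.0 403 Forbidden' );

    printf( "<h1>403 - Access not allowed</h1>\n" );
    printf( "Content of this website is currently not served to your location." );

    exit;
}
?>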

dolcevita

3:19 am on Mar 2, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



If you are using Cloudflare, I would suggest you go to Firewall rules instead; there you will have the option to CAPTCHA-challenge visitors from a specific country (including Tor users) or even block them.

janvitos

3:42 pm on Mar 2, 2021 (gmt 0)

5+ Year Member Top Contributors Of The Month



It seems like my website is being affected by the same issue (or very similar).

I started noticing on February 23rd that my website was penalized by the Confirmed Click / Two Click / Double Click penalty. This was the first time I had received this penalty and I hadn't made any recent modifications to my design or ad placements.

I then contacted AdSense Support who sent me a list of disallowed / recommended implementations, and after thoroughly looking through all of them, I confirmed my website had absolutely NO implementation issue.

So this is when I started digging around in my AdSense stats and found out a lot of ads were receiving more clicks than impressions!

Please see this interesting table with Impressions vs CTR: [imgur.com...]

So this is when I realized I was being click bombed. As you can see from the table, most articles are getting a CTR of 20%+ (some of them are at 80%+), which is over 10 times more than what articles are normally receiving when not being click bombed.

After digging a bit more, I also found out that the issue seems to affect only the Android Webview browser, which is actually the Facebook In-App browser. Maybe a bug in the browser that clicks ads?

My next step will be to look for patterns that I could block in the CloudFlare Firewall, but right now, it seems like the attacks are pretty random and from random countries as well.

Edit: It seems to be more like a bug in the Facebook In-App Browser / Android WebView that is clicking ads. Very strange.

[edited by: janvitos at 4:08 pm (utc) on Mar 2, 2021]
