Sign in Start free
← Blog Blog

Ad Network Policy Compliance: A Publisher's Checklist

Guides·Jun 18, 2026·6 min read

Most policy violations aren't malicious. They're accidents — a sticky ad that overlaps a button on mobile, an auto-refresh set too aggressive, a layout change that pushed three units above the fold, a scraped paragraph someone forgot to rewrite. The ad network doesn't grade intent. It grades the page it sees and the traffic it measures, and it enforces at the account level. One quiet mistake compounding over weeks can cost you the whole thing.

This is a working checklist for staying compliant, organized the way networks actually evaluate you: ad setup, content, and traffic. It's specific to AdSense-style policy, but the principles carry across Mediavine, AdThrive, Ezoic, and direct programmatic.

Ad placement and setup

This is the category most under a publisher's direct control, and the one most often broken by a well-meaning layout tweak.

  • No deceptive placement. Ads must not be positioned to look like content, navigation, or download buttons, and must never sit so close to a clickable element that an accidental click is likely. The classic violations: an ad flush against a menu, a unit directly under a "Play" or "Download" button, a floating ad that overlaps a link on a narrow viewport.
  • Respect ad density. Don't pack so many units above the fold that content is pushed below it. A page that's mostly ads on first paint reads as low-value to the network even if the content underneath is good.
  • No hidden or zero-size ad slots. A slot set to display:none, opacity:0, off-screen coordinates, or zero width/height is a hard violation — it's serving impressions a human can never see. This is one of the fastest ways to get flagged.
  • No overlapping slots. Two ad units stacked on the same coordinates means one is firing impressions invisibly behind the other.
  • Keep auto-refresh honest. Refreshing ad slots on a timer is allowed within limits, but an aggressive interval inflates impressions against viewability rules. Abusive refresh is treated as invalid activity, not a clever monetization trick.
  • Label sponsored content. Use "Advertisement" or "Sponsored" where required, and never disguise an ad as an editorial recommendation.

The trap is that these break silently. You ship a responsive change that looks fine on desktop; on a 360px phone an ad now overlaps a tap target. A desktop QA pass won't catch it — but the crawler will, and your readers' mis-taps surface as suspiciously high CTR.

Content compliance

Networks enforce a content baseline before they'll monetize a page, and the rules keep tightening.

  • Original content. Scraped, spun, or auto-generated filler is a policy risk. Networks increasingly detect thin and duplicate content, and "made for advertising" pages — pages whose only purpose is to carry ad units — are an explicit enforcement target.
  • Watch restricted topics. Adult content, dangerous or derogatory material, content involving minors, regulated categories (gambling, alcohol, pharma, weapons) — each network publishes a list. Even a single non-compliant page can put the whole site under review.
  • No hidden keyword stuffing. Text colored to match the background, off-screen keyword blocks, or content present only for crawlers is a violation on two fronts — content policy and deceptive implementation.
  • Honest metadata. Titles and descriptions that misrepresent the page read as a quality signal against you.

The hard part isn't knowing the rules. It's catching the page that quietly drifted out of compliance after an edit, embed, or contributor post.

Invalid traffic — the category that bans accounts

Placement and content get pages demonetized. Invalid traffic gets accounts suspended — and it's the category publishers see least, because most of it never shows up in a normal analytics dashboard.

  • Never click your own ads, ever. Not to test, not "just once." Use the network's preview tools instead of live clicks.
  • Don't solicit clicks. "Support us — click an ad" language is a direct violation, even if well-intentioned.
  • Watch for click-rate anomalies. A sudden CTR spike is a red flag, whether it's a competitor click-bombing your units or a layout change causing accidental taps.
  • Filter bot and data-center traffic. Automation frameworks, headless browsers, and hosting-range IPs firing ad requests all land on your account's invalid-activity record.

The structural problem: by the time invalid activity shows up in a report, the impression is already spent and the click is already on your account's ledger. The only durable fix is to stop the obvious invalid traffic before the ad request fires.

Where PubSentry fits

PubSentry covers the two enforcement categories that hurt most — ad-setup compliance and invalid traffic — from a single async JavaScript tag.

<script async src="https://pubsentry.com/t.js" data-site="st_xxxx"></script>

Policy scanning. The tag runs a high-value subset of ad-setup and content checks on every page it loads, in the reader's browser where the violation actually exists. It flags hidden slots (display:none, opacity:0, off-screen, zero-size), overlapping ad units, density above the fold, slots adjacent to clickable elements, abusive refresh, and risky or hidden content words — the exact mistakes a crawler would penalize. They land as findings in your dashboard, instead of arriving in a suspension email.

Block-before-serve for invalid traffic. When a visitor is clearly invalid, the tag suppresses the ad call before it fires — across Google Publisher Tags, AdSense Auto Ads, Amazon apstag, and Prebid, with a universal fallback. If the ad never serves, there's no invalid impression to flag and no invalid click to land on your record. The activity the network would have penalized simply never occurs. Server-side, raw IP and user-agent are hashed with HMAC-SHA256, then dropped — never stored in the clear.

The honest boundary

Compliance work shouldn't rest on a false promise. PubSentry catches obvious invalid traffic — automation flags, headless markers, data-center IPs, known-bad reputation, abnormal velocity — at near-100% recall with zero false positives. That's hard evidence, which is why it's safe to block and why it never touches a real reader. It's also precisely the traffic that gets accounts suspended today.

Sophisticated, human-mimicking traffic — a bot egressing through a residential proxy, scrubbing every tell — is only partially caught by deterministic rules, by design. On a per-request basis it's indistinguishable from a genuine reader, and we won't block a real human to inflate a number. That gap closes as the reputation network, anomaly detection at scale, and the ML layer grow. We will never claim we stop 100% of invalid traffic, and the policy scanner surfaces a high-value subset of checks, not an exhaustive audit of every clause. What it does, it does cleanly.

The compliance checklist, condensed

  • No deceptive, overlapping, or accidental-click-prone ad placement
  • No hidden, zero-size, or off-screen ad slots
  • Ad density that keeps content above the fold
  • Auto-refresh within viewability limits
  • Original, on-policy content — no scraped, spun, or hidden text
  • Never click or solicit clicks on your own ads
  • Block obvious invalid traffic before the ad serves, not after
  • Watch for CTR anomalies that signal an attack or a layout bug
  • Keep false positives at zero — over-blocking real readers is its own failure

Start free

You don't have to audit all of this by hand. Drop in one tag, let the policy scanner flag your placement issues, and let block-before-serve keep obvious invalid traffic off your account's record. 500 pageviews free, every detection and policy feature included, no card required. Start free at app.pubsentry.com.

Stop invalid traffic before the ad fires. Score every visitor, block the invalid ones pre-serve, protect your account. Free for your first 500 pageviews.
Start free →