Deep Dive Into How DFP Safe Frames Block Malvertising

A fully SEO-optimized, monetized, and influential blog is the goal. Monetizing comes with its share of challenges; among them is keeping your blog from turning into spam central. The world of malware is a whole different animal, and it has penetrated advertising as well.


Malicious advertising, or malvertising, is when hackers embed malicious code in an advertisement. Once the ad is posted, the malware goes to work: some malware runs as soon as the ad is posted, and some only after a user clicks on the ad.

As of 2012, at least 10 billion ad impressions were vulnerable to malvertising. Cyber criminals have a very wide reach and are able to compromise a vast swathe of networks thanks to. Organizations are finding it difficult to work around malvertising, and it seems that this is the next big cyber security threat.

Kinds of Malvertising

  1. Fully compromised creatives – basically, these advertisements are likely to feature frauds that link to bad URLs with compromised .GIF and .SWF files
  2. Third-party valid redirect – even if it is a trusted vendor that redirects to a different host or server, it is likely that the creative they received is compromised
  3. Landing page is compromised – the creative was for a trusted vendor, but the landing page has malicious content, so the creative or line item is banned until the landing page is reset

iFrame or SafeFrame



The IAB (Interactive Advertising Bureau) has created an iframe that has enabled websites to stay safe from malvertising. The goal of an iframe is to keep website owners from placing advertising content or risky content inline. When any external content is contained in an iframe or SafeFrame, the chances of that content creating a problem with the site’s functioning or the site’s user experience are minimized.

The iframe is a page within a page. Basically an advertiser has their own HTML page within the host page. When an advertisement is posted, all of its information is contained within this frame and it cannot access any data from the host page (user information, passwords, and the like). This ensures that the user gets the benefits of consuming the content of their choice, and websites don’t need to worry about advertisements trying to spread malware.

DFP SafeFrame

DFP stands for “DoubleClick For Publishers”. This is a Google product, formerly known as Google Dart, and is available to anyone with a Google account. A broader and more encompassing version of Google’s AdSense, this product tackles everything you need from an advertising service for your blog.

  • Digital marketing
  • Revenue management
  • Market insights and site insights

DFP is designed as a one-stop solution to all of your advertising related needs. A SafeFrame is an API-enabled solution that provides a singular and unilateral method for advertisers and publishers to communicate. SafeFrame for DFP ensures that publishers and advertisers have clear-cut and enriching interactions with each other. SafeFrame also prevents any external entity from accessing sensitive data.

SafeFrame is mandated by the IAB and has become the industry standard for how advertising is placed in host websites. If you are a DFP user with GPT tags, you don’t need to retag your pages with SafeFrame tags. With SafeFrame, a publisher is in full control of all the content on their page, how the pieces of content interact with each other, and the data that is passed along.

Benefits of DFP SafeFrame

  • User’s data is protected
  • Publisher is in control of their website at all times
  • All rich media content is rendered effectively and efficiently
  • Ads that need different measurements for different devices are supported fully
  • Advertisers have a standardized code for a single ad that can be used across all publishing platforms
  • No scope for content to be influenced and therefore a better scope for better revenue

How does a DFP SafeFrame work?

When a user goes to a website, they take with them something of the previous page they visited. For instance, if you have clicked on a link from Facebook, data is sent to the new site saying that you came from a link on Facebook. However, browsers make sure that such interactions are limited for security reasons.

When an advertisement is placed on a web page, there is no reason for a browser to assume that it could pose a threat to a user. However, when an advertisement is enclosed in a SafeFrame, the browser automatically reads it as another page and will carry out the same protocol (of not sharing data) to ensure that a user is safe.

The only instance this is overruled is when there are trusted third-party advertisers who are posting content on a domain.

How to use iFrame for Your site

  • Use a special file in your domain that will bridge the publisher and the ad domains
  • Download the dartiframe.html file
  • Add this to a /doubleclick directory in the root directory of your server
  • Place this on all sub-domains and domains where the advertisement will be showcased

This solution is geared towards advertising that is placed through DoubleClick Rich Media. This does not work for iframe tags that have been nested. You might experience errors in your site if you follow this, especially if you don’t have DoubleClick.
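The browser rule described above (a framed ad is treated as a separate page only when it comes from a different origin) and the same-domain bridge file from these steps, as an added example that is not from the original article or from DoubleClick. It models the origin a browser assigns to an ad frame and reports which frames share the host page's origin; the page URL, the frame list and ads.example.net are constructed.

```javascript
// Added example; every URL below is constructed for illustration.
// Models the origin a browser assigns to a framed ad and reports whether it
// matches the host page's origin (scheme + host + port), which is what
// decides if the frame's script can reach host-page data.
function frameOrigin(pageUrl, frame) {
  const tokens = frame.sandbox === undefined
    ? null
    : frame.sandbox.split(/\s+/).filter(Boolean);
  // sandbox without allow-same-origin forces a unique, opaque origin.
  if (tokens && !tokens.includes('allow-same-origin')) return 'opaque';
  // srcdoc, missing src and about:blank frames inherit the embedder's origin.
  if (frame.srcdoc !== undefined || !frame.src || frame.src === 'about:blank') {
    return new URL(pageUrl).origin;
  }
  const origin = new URL(frame.src, pageUrl).origin; // resolves relative src
  return origin === 'null' ? 'opaque' : origin;      // e.g. data: URLs
}

function auditFrames(pageUrl, frames) {
  const pageOrigin = new URL(pageUrl).origin;
  return frames.map((f) => {
    const origin = frameOrigin(pageUrl, f);
    return { name: f.name, origin, sharesHostOrigin: origin === pageOrigin };
  });
}

const PAGE = 'https://blog.example/post/1';
const FRAMES = [
  { name: 'cross-domain ad frame', src: 'https://ads.example.net/frame.html' },
  { name: 'inline creative', srcdoc: '<p>ad markup</p>' },
  { name: 'bridge file', src: '/doubleclick/dartiframe.html' },
  { name: 'same host, other port', src: 'https://blog.example:8443/ad.html' },
  { name: 'sandboxed local file', src: '/ad.html', sandbox: 'allow-scripts' },
  { name: 'sandbox + allow-same-origin', src: '/ad.html',
    sandbox: 'allow-scripts allow-same-origin' },
];

for (const r of auditFrames(PAGE, FRAMES)) {
  const verdict = r.sharesHostOrigin ? 'shares host origin' : 'isolated';
  console.log(`${r.name}: ${r.origin} (${verdict})`);
}
```

The bridge file is reported as sharing the host origin because it is served from the publisher's own domain, so it sits outside the isolation the cross-domain frame gets.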


How DFP Responds to Malware Alerts

To begin with, DFP places the onus of preventing malware and malvertising on the content publishers themselves. It helps when a publisher is aware of the impact of malvertising. A publisher who takes affirmative action against malvertising is protecting the value of their website as well as their inventory and content.

Key indicators of malvertising content

  • Viruses
  • Trojans
  • Fake URLs and GIFs
  • Fake Flash files

What does DFP do when such content is found?

DFP is geared towards ensuring that both publishers and advertisers get the best out of the huge footfall across the internet. This is only possible when advertisers are publishing rich media content that users will engage with. If any kind of malvertising content is found, DFP initiates the following steps:

  • Creates an in-product alert and emails the users in the network who are administrators. If you are using customized roles, the alert goes to the user who is set to receive notifications for malvertising alerts

Once the concerned user receives the necessary notification, steps must be taken to deactivate the content immediately. Any kind of rendering of the creative or any click on the content will compromise everything. Once the creative has been cleared by the team responsible for malware, it can be reactivated. A follow-up with the party responsible for the creative is also recommended.
