GDPR Compliant Advertising

AdPlugg is now fully compliant with the GDPR. The GDPR (General Data Protection Regulation) is an EU law governing personal data and how it can be collected and stored.

Using AdPlugg For GDPR Compliant Ad Serving

AdPlugg is a great fit for serving ads under the GDPR. This is because AdPlugg doesn’t store Personal Information regarding the end users that the system serves ads to.

This is not true of some other advertising systems. Some ad systems have been pushing personalization. This is where you might see an ad for diapers on a car site because the ad system knows who you are and that you have a baby.

AdPlugg has taken a more contextual approach. With AdPlugg, a site about cars will typically show ads for cars, car parts, etc.

Which ad is shown is up to placement by the Publisher/Advertiser and not at all based on Personal Data.

Because of this, serving ads using AdPlugg is exempt under Recital 26 (Not applicable to anonymous data) of the GDPR.

Cookie Law

Note: Under EU Law, you may still need a notice on your site notifying your users that your site uses cookies.

Disclaimer: We are not lawyers. Nothing on this website should be considered legal advice. Always consult with an attorney when making legal decisions.

GDPR and adplugg.com

To meet the requirements of the GDPR, we’ve made some changes to the adplugg.com website itself. These changes will be important to you, the user of the AdPlugg site and service.

New Legal Docs!

We’ve updated our Terms of Use and Privacy Policy to include language relating to how we handle personal data under the GDPR.

We’ve also added a new Audience Privacy Policy that has information regarding the privacy of ad audience members (persons viewing an ad served from AdPlugg).

Please take a minute to review the changes and additions to our legal docs.

New Privacy Settings Screen!

From within the system, you can now access and control your privacy settings. To access the new settings, click your username in the top right and go to User Settings. Then click the Privacy Settings link.

New Cookie Preferences Feature!

You can now control how the adplugg.com site interacts with third party systems. For instance, you can disable analytical tracking to have us anonymize the data that we send to Google Analytics. You can also disable Advertising Cookies. This will turn off our integrations with our advertising partners such as Facebook and Twitter.

New Personal Data Export Feature!

You can now get an export of your Personal Data. To use the feature, go to your Privacy Setting (see above) and then click the Personal Data Export link.

New Personal Data Purge Feature!

No longer using AdPlugg? After you cancel your account, you can now have us purge all of your old data from our systems.

To use the feature, go here.

Conclusion

While the GDPR brings a lot of new regulations for online businesses, the rights of individuals to personal privacy are important. Using AdPlugg can allow you to maximize your marketing and advertising potential while respecting the privacy rights of your readers and ad audiences.

AMP Ads

AMP Ads

AdPlugg can now be used for AMP ads!

AdPlugg is now integrated with AMP (Accelerated Mobile Pages) and you can now use AdPlugg to easily serve any ad that you want into your AMP formatted pages. You can also use AdPlugg to schedule, rotate, and report on the ads that appear in your AMP pages.

What is AMP?

The AMP Project is an initiative led by Google to improve the mobile web.

Loading an entire web site via a mobile browser (on often a shoddy connection) can be a painful experience for the user, often resulting in high bounce rates if the page doesn’t load fast. AMP works to fix all of that by defining a simple page structure and set of tags for displaying a page quickly via a mobile browser.

The standard way to implement AMP is to have two page urls, one regular one and an AMP one. Mobile browsers are told to use the AMP version. Pages that adhere to the AMP standard often load almost twice as fast as a regular web page. This is due to a simplified structure, improved cachability and the elimination (or deferment) of slow loading resources.

You can see what the AMP version of this page looks like here: https://www.adplugg.com/blog/amp-ads/amp

AdPlugg and AMP

AMP has strict standards regarding what can appear on an AMP page. This is one of the ways that it ensures fast load times. In order for an element to appear on an AMP page, it needs to be an officially approved AMP extension.

AdPlugg is now an official AMP extension and a provider of amp ads.

We’ve also integrated with the AMP WordPress plugin from Automattic to make it easy to place ads into your WordPress powered AMP pages.

Note: the instructions below are for WordPress users. If you aren’t using WordPress don’t fret, see the “Non-WordPress Sites” section below for how to drop tags into your AMP pages manually.

1. Install the AMP for WordPress Plugin

First you’ll want to install the AMP WordPress plugin from Automattic. This plugin will create an AMP page for all of your posts and pages. You can access the AMP page by going to http://www.example.com/some-post/amp.

2. Get Version 1.7 (or higher) of the AdPlugg WordPress Ad Plugin

In Version 1.7 of the AdPlugg WordPress Ad Plugin we’ve added the ability to insert ad tags into your AMP pages.

3. Configure Your AdPlugg Ads

If you don’t already have one, create an account at adplugg.com. Next, upload the ads that you want to include in your AMP pages. AdPlugg allows you to upload virtually any kind of ad that you want. This includes image ads, text ads, HTML5 ads, etc. I’d recommend that you create some AdPlugg Ad Zones that are specifically for your AMP ads. You could call them something like “amp-zone-1”, “amp-zone-2”, etc. Once you’ve created your Zones, target your ads to them directly or via an AdPlugg Placement.

4. Add the Ads to Your AMP Pages

The AdPlugg WordPress plugin makes it easy to add ads to your AMP pages by utilizing a system that you are probably already familiar with, the WordPress Widget System! Here’s what you do:

  1. Log in to the WordPress administrator.
  2. Click AdPlugg in the left menu and then click AMP to go to the new AdPlugg AMP settings page.
  3. Check the “Automatic Placement” checkbox. This will enable the feature and create a new Widget Area called “AMP Ads”.
  4. Go to Appearance and then Widgets. You should now be able to see the AMP Ads widget area.
  5. Drag and drop the AdPlugg Widget into the Widget Area.
  6. Configure the Widget by giving it a Zone machine name, width and height.
  7. If you want the zone to repeat throughout the Page/Post, check the “default” checkbox to make the widget the default.

5. Check the Output

Check your AMP page or post at /your-post-name/amp – it should now include your AdPlugg ads! Feel free to add more ads, rotation, scheduling etc, from the settings available from your account at adplugg.com! Note: it’s best to limit each of your AMP Zones to only show one ad at a time (you can do this via the Max Ad Count field in the Zone settings).

That should do it, see the contextual help (in the top right of the WordPress Admin) for more details.

Non-WordPress Sites

If you aren’t using WordPress, it’s no big deal, instead of adding the tags via the AMP WordPress Plugin, you can just add them yourself (either manually or programmatically). Just drop a tag like the one below into your AMP page wherever you want your ad to appear:

Example


    <amp-ad width="300" height="250"
        type="adplugg"
        data-access-code="<your access code>"
        data-zone="<amp_zone_2>"
    ></amp-ad>

Change the access code, zone names and sizes in the code above to match your account and requirements.

Simply drop this tag into your AMP page and your ads will appear wherever the tag is placed.

Conclusion

AdPlugg makes it easy to serve, manage and track your AMP ads. If you have any questions, comments or suggestions; please post them to the comments section below!

Advertiser Tags!


AdPlugg now supports advertiser tags! Advertiser tags (sometimes called third-party ad tags) are blocks of code that advertisers can give to publishers to serve their ads.

Say you (Acme Corp) have a blue ad that you want to display on the sidebar of Publisher A’s site. You could give them an image and a link, or better yet, you could give him a block of code. The code (an advertiser ad tag) would dynamically pull the image and the link from a remote server. It would track the fact that the ad was served and track if it was clicked. You could easily change the ad image to red and change where the link goes anytime that you want. This is exactly what AdPlugg’s new advertiser tags do.

How to Use Advertiser Tags

Advertiser tags are very easy to use. Here’s a quick rundown:

  1. Create a Zone. Call it something like “Distributed 1” and set the Max Ad Count field to 1.
  2. Create an Ad and target it to the “Distributed 1” Zone.
  3. From your Zones list, click the Get Tag button in the Actions column.
  4. Copy the Advertiser tag and give it to any Publisher or Network that you advertise with.
  5. That’s it. When the tag is rendered, it will retrieve, display and track your ad. You’ll be able to see your ad’s stats from the Analytics section of your AdPlugg dashboard. Later, you can alter your ad or create a new one and target it to the Distributed 1 Zone instead.

More Ideas

Rather than calling the Zone “Distributed 1” as in the above example, you could name it based on the publisher that you are giving it to. For instance, you could call the Zone “Publisher A”. You could then easily have complete control over what ad shows on the publisher’s site.

Using WordPress for Business? 8 Things You Need to Know

Powering more than 25% of the web (over 75 million websites), WordPress is the most popular CMS in the world. But if you are (or are thinking about) trusting your business to WordPress, you had better know these 8 things.

Before I get into what those 8 things are, let me fist say this: do I think you should use WordPress for your business? Absolutely. At AdPlugg we work with thousands of sites using dozens of different platforms and CMSs. In addition, the core of our staff are all web developers and marketers. We’ve worked personally with many different types of websites both as users, marketers and developers. WordPress’ combination of high ROI, low cost of ownership, flexibility and ease of use make it a great choice for most sites. Anything from a personal blog to massive news sites like The New York Times and the BBC can (and do) use WordPress.

However, in addition to the often lauded success stories, the web is littered with thousands of stories of downtime, “white screens”, scaling issues, hacked sites, massive revenue losses and more. Before getting involved with WordPress, you had better know the common problems and how to make sure that your site and business are safe.

8 Things You Need to Know About WordPress for Business

So here are the 8 things that you absolutely need to know if you are going to trust your business to WordPress.

1. WordPress is a Major Target for Site Hackers

Malicious hackers target the efforts at the biggest possible sample size to maximize their effect. This is why most viruses target Microsoft Windows. Similarly, WordPress now has the largest share of the web. Hackers scanning the web for sites with vulnerabilities are putting the bulk of their efforts into targeting WordPress. If you were on a more obscure or homegrown CMS before, you may find that as soon as you are on WordPress you have increased risk, simply because of the volume of hackers and scripts that are specifically going after WordPress sites.

As a quick example, we’ve seen access logs of non-WordPress sites showing millions of access attempts at a url of “/wp-admin” (this is the location where the admin page would be if the site were running WordPress).

2. Never Hack WordPress Core

Being able to quickly and safely update WordPress core is essential for keeping your site up to date with the latest security updates. Hacking (modifying) the WordPress core files is a big no no for many reasons but primarily because doing so limits your ability to get the latest updates.

3. You Take A Risk With Every WordPress Plugin You Use

You shouldn’t hack/modify WordPress’s core files but that doesn’t mean that you can make significant customizations to your site. In fact, WordPress’ hook system makes WordPress extremely flexible and customizable. The way that you make modifications is with plugins. However, keep in mind that with every plugin that you add, you are taking a risk. Any plugin that you install is running code on your server and has unrestricted access to your server files and database. Even if the plugin isn’t malicious or poorly designed/coded, plugins can eat up your server’s memory and cpu. They can also cause your whole site to “white screen” or just crash.

4. Your WordPress Site is Only as Good (secure, stable, efficient) as Your Weakest Plugin

Your WordPress site is only as good (secure, stable, efficient) as your weakest plugin. You can have a great site, on premium hosting and with the latest version of WordPress and a premium theme and if you have just one bad plugin, it can compromise the whole thing.

5. WordPress Plugins Are the Wild West

Open source is a great thing. The world would be well behind where we are today if not for the availability of free, open source code. However, not all open source code is created equal. In fact, it’s not even close. While many open source projects are created and run by major software firms, with teams of professional developers, others may be created by one person with no formal training or experience. It’s up to you to vet the code.

With some open source ecosystems, the vetting is done for you. For instance, Linux come in “distros” (distributions). Linux distributions such as RedHat and Ubuntu have picked a bunch of different Linux packages (and package versions), vetted them, put them together and tested them. RedHat tends to be more conservative with the code that it will put into its distro while Ubuntu is much more liberal (putting newer code that has been less battle tested). You can choose where you want to fall on the scale of latest/most stable when you choose which distro you want to use.

No such system currently exists for WordPress. When a WordPress plugin author updates their plugin, it just goes right out and is immediately released. It can then be downloaded and running on millions of sites within minutes. This is great if the code is good but it skips over all of the safeguards built into linux distros. It is totally up to the plugin developer to test the code.

6. By Default, WordPress Sites Are Incredibly Inefficient and Slow

WordPress is designed to be flexible and extendable. It does a great job of this but these very goals are contrary to those of efficient code. WordPress’ use of denormalized database table structures, dynamic code, uncompiled code (PHP), etc mean that it can’t perform at nearly the speeds of other systems (at least not by default).

7. Having Your WordPress Site Under Your Primary Domain, Puts Your Whole Domain At Risk

If you have more than one site operating under a single domain (ie. example.com/intranet and example.com/blog) even with separate hosting and databases, all of your sites may be at risk from bad code in just one plugin of one site.

Sites operating on the same hostname are susceptible to a number of different client side attacks. If your sites are all running at the same hostname, they may be susceptible to Session Hijacking Attacks and Session Fixation Cookie Attacks. Even if you put your sites under different subdomains, you may still be vulnerable to Cross Subdomain Cookie Attacks, Cookie Jar Stuffing Attacks, and Cookie Tossing Attacks.

8. WordPress is Licensed Under the GPL (Use At Your Own Risk)

WordPress is licensed under the GPL (GNU General Public License). This license explicitly states that you are on your own. If things go wrong, there is no one to fix it and no remedies other than those that you come up with on your own.

Solutions and Recommendations

1. Stay up To Date

As soon as WordPress learns of a vulnerability they will patch it. They will then announce the vulnerability in coordination with the launch of the patch. At that point it is a race to see if you can patch your site before the hackers break in.

Use a plugin, script or managed hosting to ensure that you are getting the latest security updates as soon as they are released.

2. Vet Your Plugins

Make sure that the plugins that you use are well coded (and ideally with a software company behind them). Have a developer check the code out. Make sure to check the following:

  • Does the plugin have unit tests?
  • Is the code well organized and look like it was programmed by an experienced developer?
  • How often is the plugin updated?
  • How many support issues does it have? How many are still open? Have their been previous complaints of new releases having bugs?

While it may be tempting to use free plugins from an author that gives the whole thing away for free, keep in mind that if the plugin has no monetization strategy, the author likely built it as a hobby and likely has little to no incentive to fix the bug that is costing your business thousands of dollars a day.

3. Performance is All About Caching

The key to WordPress performance is caching. If your site gets a decent amount of traffic you should have a page level cache (like Varnish) in front of WordPress. Even better is to distribute the cached pages by using a CDN.

WordPress makes thousands of computations to render each page. There is no point in doing this work for every visitor only to return the exact same page. By using a cache, WordPress renders the page once and then it is served to potentially millions of people by the cache. Caches are how the New York Times and the BBC are able to use WordPress successfully.

4. Keep An Open Relationship With A Development Firm or Use Managed Hosting

Things may go wrong with your site and when they do, the best you can do on your own is to post to the WordPress forum.

If you are trusting your business to WordPress, you should have a relationship with someone who you trust to be there to fix it.

You can either use a managed WordPress host such as WPEngine or you can contract with a local web development firm that specializes in WordPress.

Conclusion

While the choice to use WordPress over other CMS’s may seem like an obvious one, you need to understand the risks.

Used carefully, WordPress can help your business achieve new levels of success. Used recklessly, WordPress can quickly become a liability.

Have comments or questions? Please post them in the comments section below.

Content Targeting: AdPlugg + Open Graph


AdPlugg just launched a new content targeting feature that allows you to target your ads based on the Open Graph tags on your pages. This allows you to target ads to specific topics, sections, tags, etc. The new Open Graph targeting feature is available to all Pro Plan subscribers.

The Open Graph targeting feature is especially useful if you don’t include the category of the article or post in the page’s url. For instance, using AdPlugg’s Page Targeting feature, you have long been able to target ‘sports’ related ads to a url such as ‘http://www.example.com/sports/tennis/wimbledon-2017’ (based on ‘/sports/’ being in the url). However, if you’ve structured your urls in a flat format (such as ‘http://www.example.com/wimbledon-2017’), there was previously no way to target ‘sports’ (or ‘tennis’) related ads to the article. With Open Graph targeting, AdPlugg can now look at your Open Graph meta tags, and for this kind of targeting, the URL doesn’t matter.

So What Exactly are Open Graph Tags?

Open Graph tags are meta tags that you add to the header of your site’s pages. They are used to describe the content of the page.

Below is an example of Open Graph tags that indicate that the page is in the ‘sports’ section/category and that it has been tagged with ‘tennis’ and ‘wimbledon’.

<head>
<meta property="article:section" content="sports"/>
<meta property="article:tag" content="tennis"/>
<meta property="article:tag" content="wimbledon"/>
...
<head>

Though the Open Graph protocol defines a large number of different tags, AdPlugg has specifically added support for the article:section tag and the article:tags shown above.

If you want, view the source of this page to see what Open Graph tags it uses.

How do I add Open Graph tags to my site?

There is actually a good chance that your site is already using Open Graph tags. To check, right click on one of your pages and look for tags that look something like the ones shown in the example above.

The AdPlugg Blog runs on WordPress. We use the Yoast SEO plugin which adds Open Graph tags automatically to all of our posts. The article:section tag that it adds corresponds to the Primary Category that we pick for each post. The plugin also adds an article:tag tag for each of the WordPress Tags that we assign to the post.

The Yoast SEO plugin is just one of over a dozen different WordPress plugins that you can use to add Open Graph tags to your WordPress site.

But I don’t use WordPress!

Don’t use WordPress? No sweat! Open Graph is a standard that has no tie to any particular CMS. There are plugins available for all major CMS systems that allow you to easily (and often automatically) add Open Graph tags to your pages.

Targeting Your Ads and Placements by Open Graph Tag

We’ve added two new subsections to the Page Targeting settings on both the Ad form and the Placement form. One subsection is for “Section Targeting” and the other is for “Tag Targeting”. We’ve renamed the general “Page Targeting” settings to “Path Targeting to better describe how they target the ‘path’ part of the URL.

Once you’ve ensured that Open Graph tags are on your pages, you can use the new Section Targeting and Tag targeting fields to target ads to the page. There are instructions for how to use the settings directly below the fields themselves.

You can tell AdPlugg to target sections or exclude sections, you can also target or exclude pages that aren’t part of a section. The sections can also include wildcards (such as ‘sports-*’).

With “article:tag” targeting, you enter any number of tags and choose whether you want to have your list be the tags that are included or excluded.

We plan to add support for additional Open Graph tags in the future. Some of the ones that we are specifically eying are og:locale (which would allow targeting based on the page’s intended country and language) and og:site_name (which, of course, would allow targeting based on the name of the site). You can see the complete list of Open Graph tags at ogp.me.

Have a question about how to add Open Graph tags to your site, how to target your ads based on your Open Graph tags, or anything else? Post it to the comments section below!

Why Should I Use an Ad Server?

“So why should I use an ad server?” This is a question that we’ve gotten a number of times. And this week, I’m going to give you the low down.

It’s easy to see advertising as an afterthought when working on making a great website or blog. And in fact, that’s exactly the reason why you should outsource your ad serving; you want to be able to focus on providing great content.

So without further ado, here are our top reasons why you should use an ad server:

Stats are your Friend

Unless you are serving only in-house ads, you are going to need to keep track of how many impressions and clicks the ads that you serve are getting. If you can’t provide proof that the ads are being shown, don’t plan on keeping your advertisers around very long.

Even for in-house ads (ads that promote your own products and services), statistical data is crucial to let you know if your ad is getting any clicks, or if you should change out the creative.

Ad Stats Take a Lot of Disk Space

Ad statistics (impressions, clicks, etc) take a lot of storage room. It’s better to store this rapidly expanding data in the cloud where systems have been set up to handle it. If you try to store the stats data yourself, you can end up needing a bigger hosting account or could end up running out of space – causing an outage.

Faster Loading and Lower Hosting Costs

By loading your ads asynchronously off of a third party server, you can cache your pages. Caching can speed up your site and lower your hosting costs. Smart publishers serve all of their pages out of cache and offload traffic stats, comments and ads to third party services.

Serving Ads is A Different Beast from Serving Content

Ad Servers are designed to be able to do computationally expensive ad serving strategies quickly. This includes ad rotation, scheduling, targeting, etc. The average web hosting account is designed to serve mostly static content. Trying to run ad serving strategies on your web server can slow your site down and increase your hosting costs. In addition, serving content and ads and off the same system can make it difficult to determine the source of any issues.

Serve Ads to All of your Sites

By using a separate ad server, you can serve the same ads to multiple websites. This can be important as you grow and start to include more offerings, blogs, etc.

If you run ads directly off of a standalone plugin, you will only be able to serve those ads to a single website. By using a separate ad server, you can serve your ads to any number of websites.

Conclusion

Hopefully this post has given you a good idea of the pros of using an Ad Server. With AdPlugg, we’ve taken all the cons out by making it free and easy to instantly get your own cloud based ad server. Go to our signup page to get yours now.

Have questions? Something we forgot? Please post to the comments section below.

How to Pass the Facebook Instant Articles Review

Want to breeze through the Facebook Instant Articles review process? This post gives you all of the info that you are going to need. So let’s get started.

Quick Overview of Facebook Instant Articles

If you aren’t already familiar with it, Facebook Instant Articles (FBIA) is basically a feed reader that lives inside of the Facebook mobile app. You create a Facebook Instant Articles feed and Facebook pulls it in so that your content can be shown to the user within the Facebook mobile app. This provides a better user experience, is faster and creates less load on your servers.

Facebook lets you run your own ads within your Instant Articles (Facebook Instant Article Adsyou can do this with AdPlugg) or you can choose to have Facebook Audience Network ads automatically inserted.

Setting Up Your Facebook Instant Articles feed

There are a number of steps involved with setting up your FBIA feed and submitting it. For this post we are going to assume that you are using WordPress. If you aren’t using WordPress, check out our Facebook Instant Article Ads for Any Site post for setup instructions (the info here will still apply to the review process).

Here are the steps for WordPress:

  1. Write and publish at least 5 articles (posts).
  2. Install the Instant Articles plugin for WP plugin.
  3. In the WordPress admin, click on the “Instant Articles” menu item in the left sidebar. Follow the onscreen instructions. It will have you log into Facebook and connect to your Facebook “Page”.

The Facebook Instant Articles Review process

By this point, you should have submitted your feed to Facebook. You can see the status of your feed by doing the following:

  1. Log into your Facebook account.
  2. Click on the arrow in the top right, and then click on your page.
  3. In the bar across the top, click on “Publishing Tools”.
  4. In the left hand menu, under Instant Articles, click on “Configuration”.

Now in the middle of the screen you should be able to see a three step process, with the following steps.

  • Step 1: Set Up Instant Articles – This should already be completed.
  • Step 2: Submit for Review – There may be a button here asking you to submit. If so, you can go ahead and click it.
  • Step 3: Start Publishing Instant Articles – We’ll get to this in a bit.

Getting Approved

After submitting your feed for review (step 2 above), you will need to check back periodically to see if you’ve been approved (at this point you don’t receive a notification but they will probably add this eventually). Note: It can take 1-3 business days before your feed is reviewed and its status is updated.

Once your status is updated, it will either show that there are issues or, if you really nailed it, you will see the following:

When we submitted the feed for the AdPlugg blog, we came back one day later and there was a message indicating that there was an issue with our feed. The issue was related to our use of WordPress Smilies. Facebook didn’t know what to do with these. Since they weren’t important, we just removed them. If Facebook rejects your submission based on something that you need to keep, you can keep them or omit them (from the feed only) by defining a Transformer Rule.

If you have issues, fix them, press the resubmit button and wait again for approval.

Check Your Articles

Once you have been approved, you can publish your articles. First however, it’s a good idea to review them using the Facebook Pages Manager app. The Facebook Pages Manager app is available for iOS and Android. Just search for “Facebook Pages Manager” inside the App Store or Google Play and you should be able to find it pretty quickly.

Once you’ve downloaded and installed the Facebook Pages Manager app, do the following to check your articles:

  1. Open the Facebook Pages Manager app on your iOS or Android device (note: if you have the regular Facebook app, you should automatically be logged in).
  2. Click the ellipses (three dots) icon in the bottom right.
  3. Scroll down and under “SECTIONS”, click on “Instant Articles”. From there you should be able to see all of your instant articles. Click into them to review each one individually.

Publish Your Articles

If everything looks good, follow the below steps to publish your articles:

  1. Log into your Facebook account.
  2. Click on the arrow in the top right, and then click on your page.
  3. In the bar across the top, click on “Publishing Tools”.
  4. In the left hand menu, under Instant Articles, click on “Production Articles”.
  5. Click the checkbox next to the articles that you want to publish or click the checkbox in the header row to publish all articles.
  6. In the Actions drop down menu, click Publish.

Conclusion

That’s it. You should now have articles published to Facebook Instant Articles.

Please see our Facebook Instant Article Ads post if you want to include ads in your instant articles.

For more information regarding the Facebook Instant Article review process, check out the official docs from Facebook here.

Have a question or see something that we missed? Please post to the comments section below.

WordPress HTTPS Everywhere

https_everywhere
“I always feel like somebody’s watching me”, the 1984 hit song from Rockwell sums it up…and he might just be right! At the Google I/O Conference back in 2014, Google introduced (or at least endorsed) the principal of HTTPS Everywhere. Where as traditionally HTTPS was only used on login and credit card pages, during the conference, Google suggested that HTTPS be used on all pages on all sites, EVERYWHERE!

Why

Not interested in the “Why”, skip to the “How” below.

Before we get into the “why”, it’s important to note that it’s not just Google. Over the last couple of years, most major sites have been moving towards this concept of HTTPS Everywhere as well. Now Google, Facebook, Twitter, The New York Times and others only serve pages over HTTPS. Last month, AdPlugg followed suit and switched to 100% HTTPS as well. We still allow you to serve your ads over HTTP but anytime you are viewing a page on our website, it will be over HTTPS.

In 2017, Google has gotten more serious about this initiative and it is no longer just an option, now there is a penalty! Beginning last month (January, 2017), Google Chrome now displays an exclamation point in the search bar any time you are viewing an HTTP page. This is designed to alert the user to the fact that they are not on a secure page. Where previously the norm was HTTP and only some pages had HTTPS, Google now wants all pages to be HTTPS and to alert users when they aren’t on HTTPS. In addition, Google is now using HTTPS as a ranking factor, favoring sites that are on HTTPS to those on HTTP for Google’s search results.

The reason Google is doing this is interesting as it represents a shift in what is considered “sensitive” data. In fact, as I am writing this article, I wanted to describe passwords and credit card numbers as “sensitive data”. Google is suggesting that all of our activity online be considered sensitive, and it makes sense. Any time you are browsing over HTTP, a man (server) in the middle somewhere on the internet (or your own ISP) may be spying on what you are doing. In some cases ISPs even alter the content that you see. For instance, if you were to request http://www.example.com, your ISP could easily change what is returned to you since it is being transmitted in plain text. If however, you were to access https://www.example.com, your ISP and servers in the middle can’t read the request or response and you know that not only are you not being spied on but that no one has messed with the information that you are viewing. This can be especially important when you are using public WIFI. If you are on public WIFI over HTTP, the hotel, coffee shop, airport might be spying on what you are doing, if you are on HTTPS, you know that no one in the middle can see anything.

There are some concerns for the publisher however, HTTPS is costly. First of all, you need an SSL cert and your server needs to be configured to support HTTPS. You need to be aware that every page requested must be individually encrypted by the server and not just once, it needs to be individually encrypted for each user. This can cause quite a bit of additional load on your server and result in additional hosting costs.

However, Google has spoken and publishers would be wise to listen. For Google to remain popular, the user must have a good experience using the Google Chrome browser and Google search engine. Google has decided that the user will best be served by viewing pages only over HTTPS. It’s my belief that 10 years from now, Google won’t return HTTP results at all and Chrome will turn red with alerts any time you are viewing an HTTP page.

Because of Google’s initiative, blogs are now recommended to use HTTPS only as well. In this post I’ll be explaining how to set your WordPress site up for HTTPS only.

How

Now that you know why you should move your WordPress site to HTTPS only, in this section, I’m going to tell you how to do it.

Get an SSL Certificate

If you don’t already have one, first you are going to need and SSL certificate. SSL certificates are used to encrypt the data that is transmitted between your WordPress site and the user’s browser. If you are already feeling like you may be in over your head, you may want to just contact your hosting company. They can provide you with an SSL certificate and install it for you. However, if you think you can do it on your own, you can save some money.

I recommend ssls.com for inexpensive certificates that work just as good as the pricey ones. Go to www.ssls.com. For the average WordPress blog, their Comodo Positive SSL for $8.95 for 1 year is a great deal. SSLs.com provides instructions for how to create a private cert and CSR (Certificate Signing Request). Once you checkout, they will provide you with your SSL/TLS cert.

Install the SSL Certificate

How you install the SSL certificate is going to vary based on your host. Check your host’s help for details. You can also contact your host for help, once you have your own cert, most hosts will help you install it for free.

Configure WordPress for SSL Only

Once your SSL cert is correctly installed you should be able to view your site over http or https.

Now we want to configure WordPress and Apache so that they know that your site is only on https and to redirect all http requests to https.

Update Your WordPress Settings

  • Log in to your WordPress admin.
  • Go to Settings and then General.
  • Update the “WordPress Address (URL)” and “Site Address (URL)” fields to use https (ex: “https://www.example.com”).
  • Save the Changes.

Update your internal links (Optional, but recommended)

Most likely, you have links throughout your site that link to other parts of your site. And likely, these links all say “http://”. In the next step, we are going to redirect all http bound traffic to https. So while these links will continue to work, for SEO reasons, it’s a good idea to update all of your internal links to https so they point to the real page and not to a redirect.

The easiest way to do this is using a tool called wp-cli. In order to use wp-cli, you will need to have command line (SSH) access to your hosting account. Once you have wp-cli installed, issue the following command (update example.com to your own domain).

wp search-replace http://www.example.com https://www.example.com

If you don’t have SSH access (or don’t feel comfortable using it), you can do the search and replace using the WordPress Search and Replace Plugin.

Redirect all HTTP Traffic to HTTPS

We can update our internal links to use https instead of http but we don’t have any control over backlinks from other sites, google, etc. The last thing that we want to do is to break all of those links. What we should do instead is 301 (moved permanently) redirect the http request to https.

You can redirect all http traffic to https by adding the following to the top of your .htaccess file:


RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

Conclusion

You now know both why you should move your WordPress site to HTTPS only and how to do it. Have something to add or need help? Post to the comments section below.

Also note that AdPlugg can serve ads over HTTPS in both our Free and Pro versions.

Facebook Instant Article Ads – For Any Site

fbia-ads-for-any-site

In this post I’ll be explaining how to place your own ads into Facebook Instant Articles (FBIA) regardless of what kind of website you have. Back in April of last year, AdPlugg launched its support for Facebook Instant Articles (read more here: Facebook Instant Article Ads). In that post, we explained how to place AdPlugg ads into your Facebook Instant Articles feed but the post primarily focused on WordPress.

In this post, I’m going to explain how to insert AdPlugg ads into the FBIA feed for any site (regardless of language, platform, etc).

Note: if your site runs on WordPress, I’d recommend following the instructions in the previous post instead of using the instructions here.

How Facebook Instant Articles Works

First a little background – you need to have a decent understanding of how Facebook Instant Articles works in order to start tackling things like inserting ads.

Facebook Instant Articles is pretty much just a feed reader. You publish a Facebook Instant Articles feed on your website (at say /feed/instant-articles) and Facebook reads the feed and displays the contents to the user from within the Facebook mobile app. Rather than having to leave the app to go to your website, your article’s content (text, images, etc) is shown to the user using the FBIA reader. Because this means the user never goes to your site, Facebook allows publishers to include ads in their feed (in addition to text, images and other standard content items).

Creating A Facebook Instant Articles Feed

Creating a FBIA feed is going to vary depending on what platform your site is built on. The main reason why our previous post was based around WordPress was because there is a WordPress plugin that creates a FBIA feed for you. We integrated our WordPress Ad Plugin with the Facebook Instant Articles for WP plugin and that made the whole setup pretty simple.

If you aren’t on WordPress, how you create your Facebook Instant Articles feed is going to vary. If you have a custom made site, you may have to custom code your Facebook Instant Articles feed. If you use a CMS other than WordPress (Joomla, Drupal, etc), there may be a plugin available that generates a Facebook Instant Articles feed for you.

Notes

If you have info on how to create Facebook Instant Articles feeds for other platforms, please post the info to the comment section below to help other readers.

If you plan to program the feed yourself for a custom built site, the official docs from Facebook are the best place to start.

If your site is built on PHP, Facebook has a FBIA SDK for PHP that they’ve published to github.

Set up Your AdPlugg Account

So now we’ll assume that you have a feed. Before you can serve ads into your feed, you are going to need to have some ads set up to serve. I’m going to breeze over this here, as its beyond the scope of the article, but you should do the following:

Placing AdPlugg Ads Into Your Feed

So now you have a Facebook Instant Articles feed, an AdPlugg account, an AdPlugg Zone, an AdPlugg Ad and you’ve targeted your Ad to your Zone – to have the ad show in your feed, you would simply add the following tag to the header of each article:


  <figure class="op-ad">
    <iframe 
      src="https://www.adplugg.com/serve/<your access code>/html/1.1/index.html?zn=fb_zone_1"
      height="250" 
      width="300"
    ></iframe>
  </figure>

Change the access code, zone name and sizes in the code above to match your account and requirements.

To troubleshoot, make sure that the iframe src that you are trying to load works. You should be able to put the src url right into a browser and your ad should appear. If it doesn’t, check your url and your AdPlugg settings.

Example

You can use the feed from this blog as an example of what a finished feed would look like. You can see the AdPlugg Blog’s Facebook Instant Articles feed here.

Tip: search the feed for the phrase “op-ad” to see where the ad tags were inserted.

More Info

For more info regarding how to place ads into you Facebook Instant Articles feed, you should check out the official documentation from Facebook. As you read, you’ll likely discover just how powerful combining AdPlugg with Facebook Instant Articles is.

Have questions, comments or need help? Post to the comments section below or feel free to contact us.

Why We Love Advertising (And Why You Should, Too!)

love_advertising
One of the big stories as of late is the rise of fake news. Facebook, Google and other tech giants are working hard in an attempt to combat the onslaught of news that is misleading, disputed or just downright inaccurate. An interesting byproduct of the fake news phenomenon has been an increased interest in real, factual, journalism.

The fake news epidemic was at a fever pitch during the 2016 U.S. Presidential election. The New York Times reported that at least in one case, the news was being created and spread purely for profit. Opportunistic individuals had discovered that fake news that confirmed ones own political beliefs were extremely likely to generate traffic through social media. The fake news site could then prey on unsuspecting ad networks (such as Google AdWords/AdSense) to turn the traffic into profit.

Now Facebook and other social media sites are working to stop the spread of fake news. Just last week, Facebook announced that it will be fact checking news stories and shame posts with a ‘Disputed’ tag.

Conscientious readers have now become fully aware of the issue and have learned that much of the “news” being shown in their various social feeds may be of a dubious nature and from dubious sources.

The backlash from this is likely to be two fold. On one hand, the ability for new news sites to gain traction and grow may be hindered by an increase in reader scrutiny. On the other hand, it sets a high bar that news organizations must achieve to be viewed as reputable on the web.

Advertising plays a vital role in this and its role will increase over time. While many of the promotors of fake news profited at the expense of unknowing advertisers and ad networks, the problem is now known and being actively addressed. Solutions are being devised to keep advertising dollars from making it into the hands of fake news publishers. Advertisers don’t want their ads shown next to fake news stories and readers don’t want to read fake news. Social media and the ad-tech industry can make this happen.

As part of the fake news fallout, we expect to also see an increase in direct-buy advertising (the kind that we at AdPlugg specialize in). With network, blind and remnant ad buys going to unknown sites of unknown or questionable reputations, more advertisers are going to want to place ads directly with reputable sites.

It has been reported that traditional media outlets such as Vanity Fair, the New York Times, and others have all seen increases in subscriptions and traffic since the onslaught of fake news. We expect to soon here reports of increased ad revenue as well.

For publishers, the only path forward now becomes one toward legitimate factual reporting that gains the respect of both readers and advertisers.