Ads.txt Files without Authorized Advertising Systems

May 6, 2019 | By Alan Reed

Ads.txt is designed to allow publishers to publicly declare which advertising systems and associated publisher IDs are authorized for a given domain. Some publishers may choose to not authorize any advertising systems. The original ads.txt specification said to use an empty ads.txt file to indicate that no advertising systems are authorized. However, empty ads.txt files can create ambiguity for consuming systems.

Ads.txt specification has changed in order to differentiate between web servers returning blank error pages for the /ads.txt URL and domains that intend to not authorize any advertising systems. To indicate no advertising systems are authorized, publishers should include at least one properly formatted "placeholder" record.

Read the latest Ads.txt Specification (March 2019)

Why Publish ads.txt Without Authorized Sellers?

Ads.txt allows you to publicly authorize digital sellers of your ad inventory. If your blog or website does not sell ad space, you may want to use ads.txt to explicitly block all advertising systems.

Every time a bid request is received the ad exchange must check whether the request is authorized according to the publisher's ads.txt file. There are three possible outcomes: Authorized, Unauthorized, or Non-Participating. Non-participating means the publisher has not implemented ads.txt so the ad exchange has no way to know if ad inventory if genuine or counterfeit.

For authorized and unauthorized content the choice of whether to buy is cut and dry. However, with ad placements on non-participating domains advertisers have a choice. Sometimes it is hard to get publishers to play ball even if there is no fraud. Unverified inventory is riskier but if there is lower demand then prices may be lower as well.

Non-advertising publisher's want to protect their brand by preventing their domain from being spoofed to ad exchanges (SSPs) by fraudsters.

Ads.txt API flowchart by adstxt.com
Each ad request must be checked against the requesting domain's ads.txt file. Each ad request is has 3 possible states: Authorized, Unauthorized, or Non-Participating. In order to explicitly indicate that fraudulent inventory is unauthorized, publishers must include at least one valid ads.txt record.

How to Indicate All Inventory is Unauthorized?

Previous versions of the ads.txt spec stated that as long as a publisher website returns a 200 status code on /ads.txt then the domain should be considered "participating." However, this can lead to ambiguity. For example, some sites (incorrectly) return 200 codes instead of 404. This is called a "soft-404" and can result in crawlers thinking a domain is participating when it's not.

To solve this issue, the latest ads.txt specification (version 1.0.2) states that in order to be considered participating an ads.txt file must return 200 status code and contain at least one valid record.

What constitutes a valid record?

Good question! A valid record has three required fields and one option field. Fields are comma separated. The first field must be valid DNS domain name according to RFC 1123. The third field must be either "DIRECT" or "RESELLER." No field may contain whitespace.

So how do I put a valid record without authorizing any advertising systems?

The key is to enter a domain name that is not a real ad exchange for field #1.

The ads.txt specification recommends the following:

placeholder.example.com, placeholder, DIRECT, placeholder

Adding that record to your ads.txt file (and only that record) will ensure all advertising systems are unauthorized to sell inventory on your site. This change is scheduled to take effect March 2020—one year after the change was announced. However, nothing stops you from adding this record to your ads.txt right now. Thanks for doing your part to fight ad fraud.

You can download the complete list of domains with ads.txt files at adstxt.com


Questions, comments, corrections? Let us know.