There's quite a lot of debate and defenses on this one (google seach "iframe buster buster buster") - it's a javascript code which only ever half worked for me (the iframe would try to break out but fail, but I also couldn't navigate away from the page either by clicking links). With HTML5 however, and some of you are probably already using this, there is a new defence: iframe sandbox - no javascript required at all. The only downside is, it is incompatible with IE8 and below, so people using those browsers will still get the redirects but usage of those older browsers are getting less and less all the time. Even so, this is still your best and guarenteed to work defense. Here's the code: <iframe sandbox="allow-scripts allow-same-origin allow-forms allow-popups allow-pointer-lock" style="border: 0; width: 728px; height: 90px;" src=""></iframe> Code (markup): The attribute itself: sandbox="allow-scripts allow-same-origin allow-forms allow-popups allow-pointer-lock" Code (markup): allow scripts: Allows javascript to run - some ads may be a simple banner, some might run through JS, so we want this. allow-same-origin: Same as above, just incase omitting this blocks some ads. allow-forms: Again, incase ads are blocked allow-popups: This one is a double edged sword, popups such as "your PC may be infected!" etc. will still show, but clicking ok will not redirect your page afterwards, instead, nothing will happen. However we do need this because if a user clicks the ad it needs to open in a new tab. allow-pointer-lock: Support for interactive ads. You could probably get away with just using allow-scripts and allow-popups but just incase I'd recommend using all of them so all types of ads work within the iframe. The omitted string is this one: allow-top-navigation Do NOT put this inside the sandbox, this allows redirects which we want to block. So if you're using any type of iframe ad, I'd recommend putting the sandbox attribute in there to protect against redirects which will not only lose you traffic, but also will hurt your site on google. Unfortunately for javascript ads however, there's nothing like this. Also check out: The best way to load javascript based ads