Free · open source · GPLv2

WeForAds for WordPress

Connect your WordPress site to WeForAds in one click. OAuth-powered install, auto-injected ad tag, central ads.txt redirect, Gutenberg ad block, dashboard revenue widget.

Requires WP 5.8+ PHP 7.4+ Multisite ready Tested up to WP 6.8
0
Plugin size
0
Setup time
$0
Upfront cost
0 files
Lint-clean PHP
What's in the box

Everything a WordPress publisher needs to monetize

No theme edits. No code snippets. No static ads.txt to maintain. Just a plugin that does the right thing.

One-click OAuth connect

Click "Connect with WeForAds", sign in, approve. No API keys to copy. PKCE-secured (RFC 7636).

Auto tag injection

Tag loads async in <head>. Never blocks page render. Zero theme edits.

ads.txt by central redirect

302 redirect to your WeForAds central file — the IAB-recommended Mediavine/Raptive pattern. Update once, deploys everywhere.

Local ads.txt lines

Append publisher-controlled lines on top of the central file for direct deals. Auto-merges, 1-hour cache.

Gutenberg ad block

Drag "WeForAds Ad" into any post or page. Server-rendered — changes propagate without re-saving.

Auto content insertion

Inject after paragraph #N, after first image, before content end. Per-post opt-out via meta box.

Conditional rules

Skip on specific URL patterns, categories/tags, or for logged-in users. Glob wildcards supported.

Dashboard revenue widget

Today's revenue, impressions, eCPM right inside the WordPress dashboard. 10-min cache so it never stalls admin.

Top earning pages

See your 5 highest-RPM URLs over the last 7 days right inside wp-admin. Content strategy at a glance.

Compatibility detection

Auto-wires WP Rocket, LiteSpeed, AMP, Complianz, CookieYes. Surfaces conflicts you'd otherwise miss.

Multisite ready

Activate per-site in a network; each site connects independently. Same publisher account, separate tag tokens.

Security-hardened

Every form nonce-gated, every input sanitized, every output escaped. SHA-256 token hashing. ABSPATH guards everywhere.

Setup in under 60 seconds

From zero to ad revenue, three steps

No FTP. No theme edits. No code snippets to paste. The plugin does the work.

1

Download & activate

Upload weforads.zip at Plugins → Add New → Upload. Activate. Done.

2

Connect with WeForAds

Click Connect with WeForAds. Sign in at weforads.com, approve the OAuth consent, you're done. (Or paste an API key.)

3

Ads go live

Tag injects on your front-end. /ads.txt redirects to the central file. Today's revenue shows in wp-admin.

install · 3 steps
# 1. Download weforads.zip from your WeForAds dashboard
#    login.weforads.com → WordPress Plugin  (approved publishers)

# 2. WP admin → Plugins → Add New → Upload Plugin → Activate

# 3. WeForAds → Connect with WeForAds → Authorize on weforads.com
Plays nicely with

Plugins we auto-detect and wire up

WP Rocket LiteSpeed Cache W3 Total Cache WP Fastest Cache WP Super Cache Cache Enabler Official AMP
AMP for WP Complianz Cookie Notice CookieYes Ads.txt Manager Yoast SEO WPML
FAQ

Common questions

Do I need to edit my theme or paste a code snippet?
No. The plugin injects the tag via wp_head automatically once you connect. Zero theme edits. Zero FTP.
Will this break my existing ads.txt file?
Only if you turn the ads.txt redirect setting on (it's the default). When on, requests to your-site.com/ads.txt are 302-redirected to your central WeForAds file. If you have a static ads.txt you want to keep, just turn the redirect setting off.
Is it really free?
Yes. The plugin is open-source under GPLv2-or-later. You only pay WeForAds via revenue share on the ads it serves (industry-standard rates, no upfront cost). The plugin's source code is public — nothing's hidden.
Does it work with WordPress Multisite (Network)?
Yes — activate per-site, not network-wide. Each site connects to its own WeForAds site (same publisher account, different tag_token). Connection state is per-site.
Does it slow down my site?
Front-end: no. The tag loads async, never blocking page render. The plugin adds no server-side work for visitors. In wp-admin, the API is called only when you load the WeForAds settings page or the WP dashboard, with a 5–10 minute cache.
How is OAuth more secure than pasting an API key?
OAuth tokens are short-lived (1-hour access tokens, 30-day refresh tokens with rotation) and scoped (read-only). A leaked OAuth token is dangerous for ~1 hour; a leaked API key is dangerous forever. PKCE protects the flow against code interception. (API key paste still works — both are supported.)
How do I disconnect?
Open the WeForAds settings page, click Disconnect. Tag injection stops immediately, the /ads.txt redirect is removed, the API key is cleared, and any OAuth token is revoked via the WeForAds revocation endpoint. Deleting the plugin entirely also removes all stored options.
Where can I see the source code?
The plugin ships as an unobfuscated PHP zip — all source visible after extraction. Public source repository is on the way; the WordPress.org listing will include direct links to changelogs and SVN.

Ready to monetize?

v1.3.0 · WordPress 5.8+ · PHP 7.4+ · GPLv2-or-later · 16 PHP files all php -l clean · available to approved publishers