Google Ads not showing on our Discourse subdomain website


We have subdomain websites, with the main one being

We have successfully set up Google Adsense, and it is working well on the main site and one of the subdomains. However, we encountered an issue with the subdomain website where the Discourse web app is located.

We have already configured the Adsense Publisher code and the ad unit for this website.

The website displays the ADVERTISING text, but no ads appear. We have checked the view source code containing the correct PUB and ad unit ID.

Do you have any ideas or suggestions on how to resolve this issue?

We greatly appreciate your feedback.



The error message you received regarding Content Security Policy (CSP) indicates that the policy settings on your Discourse forum prevent loading a resource from This is the JavaScript file required to display Google AdSense ads on your website.

Content Security Policy is a security feature web browsers implement to protect against cross-site scripting (XSS) attacks and other malicious activities. It allows website administrators to define a policy that specifies which resources can be loaded and executed on their web pages. By enforcing a CSP, administrators can restrict the types of content displayed or executed on their site.

In your case, the error message indicates that the current CSP settings on your Discourse forum are blocking the loading the adsbygoogle.js file from Google’s servers. As a result, the Google AdSense ads cannot be displayed on the subdomain of your website.

To resolve this issue, you need to adjust the Content Security Policy settings on your Discourse forum to allow the loading of the Google AdSense script. This typically involves modifying your web server’s CSP header or configuration file or Content Security Policy settings within Discourse itself.

Please note that modifying the CSP settings should be done cautiously, as it may affect your website’s security. If you’re unsure about making these changes yourself, it’s recommended to consult with a web developer or refer to Discourse’s documentation for specific instructions on how to configure the Content Security Policy to allow the loading of external scripts such as the Google AdSense script.


Next step, how to change this Content Security Policy on Discourse?

You must modify the Content-Security-Policy header to change the Content Security Policy (CSP) on Discourse.

Here’s a step-by-step guide to help you:

Access your Discourse server: Log in to your server or hosting account where your Discourse installation is located. This could be a cloud server, a virtual private server (VPS), or a hosting provider’s dashboard.

Locate the Discourse configuration file: The specific location and filename of the Discourse configuration file may vary depending on your setup.

Look for a file named app.yml or containers/app.yml. It is usually located within the Discourse installation directory.Edit the configuration file: Use a text editor or SSH to open the app.yml file for editing.

Find the env section: Within the app.yml file, locate the section named env or env_variables.

Add the CSP directive: Inside the env section, add the following line to set the desired CSP value:

DISCOURSE_CSP_DIRECTIVES: "default-src 'self'"

Replace with the appropriate domain or resource you need to allow. You can also include multiple domains by separating them with spaces.

Save the changes: After adding the CSP directive, save the app.yml file.

Rebuild Discourse: Run the following command in the command line to rebuild Discourse with the updated configuration:

./launcher rebuild app

This command will rebuild the Discourse container using the modified configuration.

Restart the Discourse service after making further modifications, you can use the following command:

./launcher restart app

Verify the changes: Once the rebuild process completes, access your Discourse forum and check if the ads from Google AdSense on the subdomain are now displaying correctly.

By adding the CSP directive in the app.yml file and rebuilding Discourse, you can update the Content Security Policy to load external resources such as the Google AdSense script.



You can easily do this via Admin > Settings > Security. Then:

Unchecking the Content Security Policy option.
Checking the Content Security Policy Report Only option.

See the screenshot:


Hope this help.