PHP login page protected by CSRF tokens and Google crawler

My app is built using Laravel 13, Filament PHP with Vue.

I would like to add Google AdSense to some web pages that are restricted to authorised users. These pages have no public visibility unless you are logged in. I know that I have to follow the steps shown on this page, https://support.google.com/adsense/answer/161351?hl=en-GB, to give the Google crawler access; however, my concern is that the login is protected by CSRF. Can google crawlers still see the page? Maybe I should create an alternative login page for the crawler user only and deactivate CSRF on this particular login page? Up to what point this is safe?

There is a similar question posted here, "How can I get Google Adsense to access pages in a login area when login is with JSON?", but it doesn't mention anything about the CSRF issue.

Olivier

Francisco Sanchez de la Campa

"Can google crawlers still see the page?" - no, it doesn't sound like they would scrape your login form first, to get a valid token. They expect you to specify all the necessary parameters and their values upfront. So I think you will have to set up a login endpoint without CSRF protection for this.

2026-04-09 06:08:26 +00:00

Commented 1 hour ago

"Up to what point this is safe?" - the two main concerns are, could someone compromise your regular users via this, and could your protected content be exposed to some other 3rd party. As for the first one, I'd make this alternative login endpoint work only for the user account you create specifically for Google, and no other user account.

2026-04-09 06:13:10 +00:00

Commented 1 hour ago

And for the second - if someone else somehow got hold of the alternative login URL, they could try to brute-force their way in. So I'd implement a limit on the number of login attempts possible within a certain time frame, and quite a strict one at that (the Google bot is not likely to send faulty credentials, once you've set this up).

2026-04-09 06:13:20 +00:00

Commented 1 hour ago
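
The two safeguards suggested in the comments above (a token-less login that accepts only the account created for Google, plus a strict attempt limit), sketched as framework-independent PHP. This is an added example, not code from the question or the commenters; the account name, password, limits, client IP and the in-memory `$failures` store are constructed assumptions.

```php
<?php
declare(strict_types=1);

// Constructed values for this example (assumptions, not from the thread).
const CRAWLER_USER   = 'adsense-crawler@example.com'; // the one account made for Google
const MAX_FAILURES   = 3;                             // failed attempts allowed per window
const WINDOW_SECONDS = 3600;

/**
 * Handles a POST to the CSRF-exempt crawler login endpoint.
 * Returns an HTTP status: 200 logged in, 401 rejected, 429 throttled.
 * $failures maps client IP => failure timestamps (a cache or DB table in a real app).
 */
function crawlerLogin(array $post, string $ip, string $passwordHash, array &$failures, int $now): int
{
    // Forget failures older than the window, then enforce the limit
    // before the credentials are looked at.
    $failures[$ip] = array_values(array_filter(
        $failures[$ip] ?? [],
        fn (int $t): bool => $t > $now - WINDOW_SECONDS
    ));
    if (count($failures[$ip]) >= MAX_FAILURES) {
        return 429;
    }

    $user = is_string($post['username'] ?? null) ? $post['username'] : '';
    $pass = is_string($post['password'] ?? null) ? $post['password'] : '';

    // Only the dedicated crawler account may log in here. A regular user's
    // credentials are rejected on this endpoint even when they are valid,
    // so the missing CSRF token cannot be used against normal accounts.
    $isCrawler = hash_equals(CRAWLER_USER, $user);
    $passOk    = password_verify($pass, $passwordHash); // run for every request
    if (!($isCrawler && $passOk)) {
        $failures[$ip][] = $now;
        return 401;
    }
    return 200;
}

// Constructed demo: a regular account, three bad guesses, then a throttled request.
$hash = password_hash('constructed-demo-secret', PASSWORD_DEFAULT);
$failures = [];
$ip = '192.0.2.10';
$good = ['username' => CRAWLER_USER, 'password' => 'constructed-demo-secret'];
echo 'crawler account:  ', crawlerLogin($good, '192.0.2.20', $hash, $failures, 1000), "\n";
echo 'regular account:  ', crawlerLogin(['username' => 'alice@example.com', 'password' => 'x'], $ip, $hash, $failures, 1000), "\n";
echo 'wrong password:   ', crawlerLogin(['username' => CRAWLER_USER, 'password' => 'guess1'], $ip, $hash, $failures, 1010), "\n";
echo 'wrong password:   ', crawlerLogin(['username' => CRAWLER_USER, 'password' => 'guess2'], $ip, $hash, $failures, 1020), "\n";
echo 'after the limit:  ', crawlerLogin($good, $ip, $hash, $failures, 1030), "\n";
echo 'window expired:   ', crawlerLogin($good, $ip, $hash, $failures, 1020 + WINDOW_SECONDS), "\n";
```

In a Laravel application the same checks would sit in the handler of the one route that is exempted from CSRF verification, with the failure counters kept in the cache rather than in an array.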