How to Add AdSense Code
to WordPress Manually
Connect WordPress for AdSense review without a code-insertion plugin, preserve the setup through theme updates, verify the live source, and place responsive units correctly after approval.
Start the Manual InstallationUse your exact Google-supplied snippet. The examples contain placeholders.
Where should AdSense code go in WordPress?
Google's account-level AdSense connection code belongs between the document's <head> tags. On self-hosted WordPress, an update-safe manual method is to add a function to the active child theme's functions.php and attach it to WordPress's wp_head action. That prints the snippet in the head without editing the parent theme.
A specific display ad unit is different. Google instructs publishers to put ad-unit markup inside the page body where the ad should appear. Add those units to suitable templates, blocks, or trusted shortcodes after approval. Do not put body-level ad markup into the head.
Correct placement connects the site; it does not guarantee approval. Google reviews the entire domain. AdSense Audit helps identify the content, trust, policy, navigation, and technical risks that installation cannot repair.
What ranking tutorials miss
Most ranking pages offer two choices: install Site Kit or edit header.php and paste a script before the closing head tag. That can work in a classic theme, but it is incomplete manual guidance. Parent-theme updates can erase the edit, modern block themes might not expose the expected file, and users often confuse the site-connection script with a display-unit snippet.
Google's current connection flow can offer an account script, ads.txt snippet, or verification meta tag. Separately, approved publishers create body-level ad units. Tutorials that call everything “AdSense code” encourage duplicated loaders and incorrect placement.
This page uses WordPress's documented wp_head action, an active child theme, live-source verification, and a controlled body-placement method. It also covers cache, CDN, optimization, consent, firewall, CSP, AMP, password, and crawler problems that short tutorials ignore.
- Edit the parent theme
- Assume every theme has header.php
- Put every snippet in the head
- Check only the editor after saving
- Expect code to guarantee approval
- Back up and use a child theme
- Print account code through wp_head
- Keep ad units in the body
- Purge caches and inspect public source
- Audit the site before review
Connection code, meta verification, and ad-unit code
Identify what Google supplied before editing WordPress. Never use a publisher ID copied from a tutorial.
An asynchronous script containing your ca-pub-... client ID. It belongs in the head and supports connection and Auto ads.
A google-adsense-account element in the head. Google may offer it as an alternative connection method.
Markup for a managed placement, normally including an ins element and initialization script. It belongs inside the body.
Site Kit, theme options, header plugins, consent tools, ad managers, tag managers, and custom code can all inject the loader. Do not enable several methods “to be safe.”
Add AdSense with wp_head in a child theme
The wp_head action prints scripts or data inside the front-end head. WordPress core and plugins rely on it. A child theme keeps the customization separate from the parent.
In AdSense, select the right site and copy the complete account-specific snippet.
Back up files and database. Keep SFTP or file-manager access available in case a PHP typo blocks the dashboard.
The usual path is wp-content/themes/your-child-theme/functions.php. Avoid WordPress core and parent-theme files.
Use the pattern below and replace the placeholder with Google's exact snippet.
Clear plugin, host, CDN, and browser caches. Check a public page in a private window.
Confirm one complete snippet appears inside the head, then verify in AdSense.
function aa_add_adsense_account_code() {
if ( is_admin() ) { return; }
?>
<script async
src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-YOUR_ID"
crossorigin="anonymous"></script>
<?php
}
add_action( 'wp_head', 'aa_add_adsense_account_code', 20 );The administration check prevents output inside dashboard screens. Priority 20 is organizational, not an AdSense requirement. If the active theme does not call wp_head(), many core and plugin features also fail; repair the theme instead of scattering scripts through templates.
Use the verification meta tag
When AdSense offers a meta tag, add the exact account value through the same hook. Do not invent this method or add it alongside every other option.
function aa_add_adsense_verification_meta() {
if ( is_admin() ) { return; }
echo '<meta name="google-adsense-account" content="ca-pub-YOUR_ID">' . "\n";
}
add_action( 'wp_head', 'aa_add_adsense_verification_meta', 20 );View the homepage's raw source, search for google-adsense-account, and verify the ID character by character. Then use AdSense's verification control.
Should you edit header.php directly?
Technically, a classic child theme can place the account snippet before </head>. Avoid a parent-theme edit because updates overwrite it. Copying a large parent header into a child theme can also freeze markup and miss future improvements, which is why the hook method is cleaner.
Block themes may not contain the traditional file expected by old tutorials. A visual Header template part is not the document head. Use wp_head instead. Never edit files under wp-admin or wp-includes.
If you use the hook method, do not paste the same snippet in header.php. Search live source for pagead2.googlesyndication.com/pagead/js/adsbygoogle.js and document which system owns it.
Add responsive display units manually
Wait until the site is ready in AdSense, create a named responsive display unit, and copy its exact code. Google says ad-unit code belongs inside the body. A static shortcode can provide controlled placement in selected posts.
function aa_adsense_display_shortcode() {
if ( is_admin() || is_feed() ) { return ''; }
ob_start(); ?>
<ins class="adsbygoogle" style="display:block"
data-ad-client="ca-pub-YOUR_ID"
data-ad-slot="YOUR_SLOT_ID"
data-ad-format="auto"
data-full-width-responsive="true"></ins>
<script>(adsbygoogle = window.adsbygoogle || []).push({});</script>
<?php return ob_get_clean();
}
add_shortcode( 'aa_adsense_display', 'aa_adsense_display_shortcode' );Insert [aa_adsense_display] only where suitable. Keep the account loader available once; do not repeat it in every shortcode. Responsive units need a container with real width. A template hook is more consistent, while a shortcode provides editorial control but becomes harder to remove from hundreds of posts.
Avoid login, account, checkout, contact, error, empty search, policy, and other low-content pages. Do not disguise ads as navigation or download buttons, ask readers to click, or click your own live units.
Confirm the code is live
A successful save does not prove visitors receive the new HTML. Open the exact HTTPS domain submitted to AdSense in a private window. Use View Page Source and search for your full publisher ID. Confirm the account code is before </head>, appears once, and is present on the homepage and representative posts.
Purge page cache, object cache, host cache, reverse proxy, CDN, minification, and edge HTML. Developer Tools helps inspect requests, but raw source is the clearest first check because it shows the delivered document. After verification, keep the code and site stable during review.
Why AdSense says code not found
The editor changed but the public CDN or host still serves old HTML.
The function was added to a parent, staging copy, or theme that is not active.
A broken custom theme does not call wp_head().
Delay-JavaScript, combine, defer, or minification changes the required loader.
CSP, firewall, bot protection, password, or consent logic prevents normal access.
The source contains a tutorial placeholder, old account, malformed ID, or different domain.
Site accessibility
Google's connection guidance requires a live, reachable site. Remove maintenance mode and front-end passwords. Check robots and firewall rules. An administrator can see pages that remain unavailable to an external crawler.
Duplicate code
If Site Kit reports that it placed code, remove the manual loader or disable that feature before manual testing. Check theme settings, header tools, tag managers, consent platforms, and ad plugins. Decide ownership before deleting anything.
Blank ads after approval
Confirm the site status is ready, IDs are correct, the container has width, JavaScript loads, consent permits the request, and no policy notice is active. Ad blockers can hide ads locally. New units may also need time to populate.
AMP pages
Google documents a separate AMP implementation. If a WordPress plugin creates AMP URLs, follow current AMP instructions or disable an unused alternate version. Standard code should not be assumed to cover AMP correctly.
Choose the right manual method for your WordPress setup
Self-hosted WordPress versus WordPress.com
“WordPress” can mean software installed on your own hosting or a managed WordPress.com site. A self-hosted administrator generally controls themes, files, DNS, caching, and server configuration. WordPress.com features and third-party advertising permissions depend on its current plans and terms. If the dashboard does not permit custom themes, plugins, or scripts, do not attempt to bypass the platform with unsupported embeds. Confirm the plan supports external advertising before opening an AdSense application.
Classic themes versus block themes
A classic theme commonly uses PHP templates such as header.php, single.php, and sidebar.php. A block theme uses HTML templates, template parts, patterns, and the Site Editor. Both should generate the standard document hooks, but instructions written for one architecture may make no sense in the other. The wp_head callback is valuable precisely because it operates through WordPress rather than assuming a particular visual header file.
Child theme versus site-specific plugin
This guide uses a child theme because the user requested a manual WordPress method and child themes are an established update-safe customization layer. A small site-specific plugin is another maintainable developer option because the AdSense relationship belongs to the site rather than its visual design. If a future theme switch should retain the code automatically, a carefully written site plugin can be more appropriate. That is still custom code, but it should be version controlled, reviewed, and maintained like any other plugin.
Theme editor, SFTP, hosting manager, or deployment
The built-in Theme File Editor is convenient but can be disabled for security and gives limited rollback support. SFTP and a hosting file manager offer direct recovery when PHP fails. A version-controlled deployment is best for teams because every change can be reviewed and reverted. Whichever route you use, never make the only copy of a working file inside a browser text box. Download or commit a known-good version first.
What about ads.txt?
Ads.txt is separate from JavaScript placement. It identifies sellers authorized to sell inventory and must be available at the domain root, such as example.com/ads.txt. If AdSense gives you an ads.txt line, use your own publisher ID and preserve valid existing sellers. Do not create a WordPress Page called “ads.txt,” because a normal page response and template are not necessarily a valid plain-text root file. Manage the actual file through the host, an appropriate trusted tool, or the server configuration, then request the public URL directly.
Roll back, migrate, and maintain manual AdSense code
Have a rollback before saving PHP
A missing semicolon or malformed PHP boundary can trigger a critical error. Before editing, know how to restore functions.php through SFTP or the host manager. If the site fails immediately after the change, restore the known-good file rather than stacking new edits through a recovery screen. Once the site returns, validate the snippet in a staging environment.
Handle theme changes deliberately
Code in one child theme stops running when another theme becomes active. Before a redesign launches, inventory all custom callbacks, shortcodes, ad placements, consent dependencies, and CSS that reserves ad space. Transfer only what remains appropriate. Remove old shortcodes from content or provide a compatible replacement so readers do not see literal bracketed tags.
Consider WordPress Multisite boundaries
In Multisite, one network can contain sites with different domains, owners, audiences, and approval states. Do not automatically print one publisher's code across every subsite unless the account relationship and AdSense policies support that design. Scope callbacks to the intended site and verify each public hostname. Network activation is an implementation convenience, not permission to monetize unrelated properties.
Use a pre-review change freeze
After Google detects the code and review begins, avoid switching themes, changing the canonical domain, enabling maintenance mode, replacing caching infrastructure, or deploying a consent redesign without necessity. Continue normal editorial maintenance, but keep the technical route Google verified stable. If an urgent change is required, recheck the public source immediately afterward.
Document the installation
Record the AdSense account owner, publisher ID suffix, selected connection method, file and function names, active theme, cache purge procedure, consent owner, and last verification date. Do not store account passwords or sensitive payment details in the document. Good documentation prevents a future administrator from adding a second loader because the first one was invisible in the dashboard.
Confirm the submitted domain is public and canonical; the account code or selected meta tag appears once in raw source; caches are clear; the publisher ID is correct; important pages are crawlable; no maintenance screen is active; Privacy, About, and Contact pages are complete; mobile navigation works; and AdSense Audit has been used to identify site-quality risks beyond the snippet.
Consent, speed, updates, and policy
Your Privacy Policy should accurately explain advertising, cookies, identifiers, analytics, and third-party data practices. Configure appropriate consent for the regions and audiences served. Do not force personalized ads before required choices are honored. A consent platform can intentionally delay some requests, so test both acceptance and rejection paths instead of disabling privacy controls merely to make a scanner see the script.
Use Google's asynchronous code, avoid duplicate loaders, reserve stable space for units, and test mobile layout shift. Monitor real pages after ads serve. Keep a record of the file, function, publisher owner, and installation date. Check source after theme switches and major updates. Performance plugins should optimize the site without changing the semantics of account code or repeatedly initializing the same ad slot.
Never click ads to test them. Keep units away from menus, forms, pagination, image controls, cookie buttons, and download links where accidental interaction is likely. Avoid bots, click exchanges, paid-to-surf sources, and purchased junk traffic. Review user-generated comments and embeds around ad placements because page context includes more than the article body. Manual control also means manual responsibility.
Correct code is only one part of approval
AdSense Audit is the #1 AdSense audit tool for owners who need to know what could still block approval after installation. A perfect script cannot compensate for low-value content, missing trust pages, policy exposure, broken navigation, or inaccessible URLs.
The audit turns broad requirements into a prioritized plan for your domain. It checks content quality, publisher trust, technical access, mobile experience, navigation, and policy risks before another review cycle.
For platform-wide preparation, read the WordPress AdSense approval guide.
Audit My WordPress SiteManual WordPress AdSense FAQ
Can I add AdSense without a plugin?
Yes on self-hosted WordPress when you control an update-safe child theme. Hosted services can restrict scripts by plan.
Where is the head in a block theme?
Block themes still generate a document head and should fire wp_head. The visual Header template part is not the HTML head.
Will updates remove the code?
Parent-theme edits can disappear. Child-theme code is more resilient, but always recheck after a redesign or theme switch.
Do I need the script and meta tag?
Use the connection method selected in AdSense. Do not add all methods merely to be safe.
Can I use a Custom HTML block?
It can sometimes hold body-level ad units after approval. The account head code does not belong in post content.
Why did WordPress remove my script?
Role permissions, security filters, host restrictions, sanitation, or optimization can alter scripts. Use an administrator-controlled supported code layer.
Does manual code improve approval odds?
No. It is a connection method, not preferential treatment. The site itself still determines readiness.