Adwords campaign rejected. For Google Matomo javascript is a Malware

Finally got around to re-enabling Matomo, just the script, not the Tag Manager so far. I’ve had a live GA campaign for 4 days now and everything seems to be fine. Will let you know if anything changes and I’ll test out the Tag Manager now.

I’ve just had my campaigns Disapproved again due to Malicious software.

Hi @nicw

We’ve just reached out vie email to for some additional information.

Hello Matomo team and community. This issue is now resolved for me.

I’m using the following fixes to ensure campaigns are no longer being rejected by Google Ads.

In my .htaccess file within Matomo directory, I’ve added the following to send an X-Robots-Tag to bots and crawlers.

#Exclude the following locations from being Indexed by setting X-Robots-Tag
#Set environment variable for a specific path
SetEnvIf Request_URI “(.*?)” ROBOTS_NONE
#Send custom header if the environment variable is set
Header set X-Robots-Tag “noindex, noarchive, nosnippet, nofollow” ENV=ROBOTS_NONE

As a secondary precaution (and recommended by the Matomo team from another user) I’ve created a robots.txt file containing the following disallow rules.

User-agent: *
Disallow: /
Disallow: /addons/
Disallow: /plugins/
Disallow: /app/
Disallow: /media/dashboards/
Disallow: /media/files/
Disallow: /media/js/mautic-form-src.js
Disallow: /themes/
Disallow: /translations/
Disallow: /vendor/

This seems to have fixed the disapproval issue for me and both of these could be incorporated within the Matomo installation package to ensure they get deployed for other users.

Wishing you all a happy and healthy Christmas and New Year!

Well, it took longer than usual, however all ads are rejected once again, so the fix is not a long term solution I’m afraid.

Happy New year all.

Hi @nicw

Thanks for your patience in this. At the moment we only have one other user that is still experiencing this issue. If you continue to experience this issue, could you please let us know?

For now (Since this seems to not be a widespread issue again) could you contact Google Ads support and see if they can help resolve this for you?

If anyone else is still having this issue - please let us know by replying to this forum port.


Assuming everyone has resolved this Richard can you advise what may have been dome to overcome the issue ? I may try OWA or Plausible to see how they do.

Think I may have found the problem caused by a small modification of the script used to collect some additional data.

Hi Team,

Just posting about my situation which occurred this morning;

I have some 59 websites in Matomo of which I have Ad campaigns for 19 of them. Most campaigns are currently active however there are some currently paused.

All 19 campaigns were disapproved this morning due to malicious software.

I contacted Google Ads and they advised me it was the Matomo script that has caused the flag for disapproval. Upon asking Google how they qualify it as malicious I was then asked for a clean report in Search Console, which was provided. Google advised they would take investigation offline and I am waiting to hear back from them. (24-48 hours).

Some campaigns we cannot wait that long to get the Ads back up and running so I have setup removing the script from our sites. Also my business partner is concerned that if the Ads algorithm thinks the Matomo script is malicious what is the Google Search algorithm going to do.

Update for anyone interested: Had to remove the Matomo script from my sites before Google would review my Ads. For each Ad account, I have had to ask for a manual review as they kept claiming the Matomo script was still on the website.

In addition, I have two Ad accounts which have been suspended due to Circumventing Systems policy. For these accounts Google has shutdown all communication so I can’t even find out what the specific issue is. Very frustrating. Particularly since it seems its all based on Google’s misinterpretation of the Matomo script.


Sorry to hear of all your troubles. Sadly, I don’t see this issue going away any time soon. Google is monopolistic and non-responsive to its customers, paying or non-paying. They don’t have to answer to anyone because we use their services regardless of how they treat us.

This issue gets to the heart of why Matomo exists.

I realize this probably isn’t an option for you, but the best solution is to stop using Google. I’m rarely in the advertising realm, but are there viable alternatives?

Just had a client have their Google Ads denied saying that Matomo was malware, thing is as well that the plugin hasn’t been active for over 3 months on this site and certainly has no Matomo JS scripts, so Google must be going on old scans.

Is really shameful how Google treats a lot of users and companies - clearly feel threatened.

1 Like

This is sad to see this is happening. As a developer and marketer with Get Found I really want to use Matomo with everything we do, but if Google keeps doing this, we are up against a wall.

I feel like someone at Matomo should take this very serious and file a suit (maybe even class action) to get this monopolistic monster deflated a bit.

I really want to see some change here folks. Feel free to reach out if I can help.

1 Like

Thanks Mark for the sympathetic words. Yeah it’s a pretty crappy situation. Google actually shutting down all methods of communication is super low and unethical. Didn’t even have the opportunity to offer any explanation.

But you’re right, alternatives are the way to go. Unfortunately, here in Australia the biggest competitor is Bing but they fall so very short on the search engine market share, around 3% or so last time I checked.

Fortunately, we upped our SEO efforts on the effected campaigns and have been able to get by without paid advertising for the moment.

As a side comment, we also had a lot of other Ad accounts that were suspended for other reasons, mostly malicious software (this happened in the space of a week and about 1-2 weeks after implementing Matomo) but for this reason Google allowed communication and we were able to prove there was in fact no malicious software on our sites (after removing the Matomo script) and we had our Ad accounts reinstated.

Seems like very un-competitive behaviour from Google.


100% agreed. The choice should be ours on what software we use on our sites.

Not only the concern about losing the Ad accounts, but what if the search algo decided the sites had malicious software on them and disappeared from the SERPS.

Google should not be allowed to punish the use of alternate software.

Still happening in June 2021. It’s been over a year now, and it seems that Matomo is being steam-rolled into non-mainstream use because of this.

Any idea on you guys getting a “so called clean bill of health”? You have no idea how irate I am at this.

Feel free to add me to any class action if anyone wants to step up here because honestly, this act is costing business owners and admins a ton of money.



Just to document it:

There was a quite popular tweet by someone experiencing the same issue:

which caused a longer discussion here:

1 Like

Thanks for sharing. I sent and made a comment on his tweet.

August 2021 and getting this same issue. Contacted 2 google support reps, both of whom did practically nothing. First one said to manually change each ad (we have over 400+ ads banned… great) and submit. Did that, they all came back banned, even AFTER we removed Matomo from our sites.

This is fully anti-trust behavior. I can not believe Google can get away with this. Considering finding an attorney because this is causing a loss of client revenue, just for using a Google product competitor.

do not talk to google about this, they will just give you the middle finger.

you have to remove any reference to the word “matomo” everywhere, including matomo.js

matomo team should make an option to customize and anonymize any reference to matomo