Protection settings
How to pick the right detection strategy and action mode for your account, with the scope rules that decide which setting wins.
The Threat & Fraud Protection page (sidebar → Protection) has two big decisions on it and one supporting one. This page walks through each decision so you pick the right setting the first time. For the first-time turn-on flow with recommended defaults, see Launch protection.
Decision 1 — Automatic or Manual?
The first card on the page is Detection Strategy. Two values: Automatic and Manual.
Pick Automatic if:
- You want to set up protection once and not touch it again for weeks at a time.
- You don't have strong opinions about which specific signals matter for your traffic.
- You're new to fraud protection. Start here.
Pick Manual if:
- You know your traffic well and want to flip specific checks on or off.
- Automatic is flagging traffic you know is legitimate (e.g. you run paid ads to a corporate audience where VPN/proxy traffic is normal). Manual lets you keep most protections on but turn one off.
- You're an agency and a client's account has unusual conditions that Automatic doesn't handle well.
The right default is Automatic. Switch to Manual only after Automatic has been running for at least a week and you can point at a specific check that's misbehaving.
Automatic mode reference
Pick a sensitivity level (5 options) and let the AI decide.
Manual mode reference
Each individual check (Technical Threats / Behavioral Patterns / Ad Quality) explained, with "turn this on when…" guidance.
Decision 2 — Which action mode?
The Protective Action card decides what ClickFortify does when it detects fraud. Three options:
| Mode | UI description | Pick this when |
|---|---|---|
| Observe | "Log only, no blocking" | First 1-3 days. Lets you see what would be flagged without any impact on delivery. |
| Warn | "Add bad IPs to exclusion lists" | Week 1-2. Future-proofs against bad sources without retroactively blocking today's clicks. Recommended for most teams. |
| Strict | "Block all threats immediately" | After 1-2 weeks of watching, if the calls look right. Full enforcement. |
The path most accounts walk: Observe for 1-3 days → Warn for 7-10 days → Strict ongoing. Stay on Warn longer if you're nervous; Warn is good enough as a permanent setting if you'd rather build exclusion lists than block in real time.
Warn does not retroactively block today's clicks. When a click is flagged in Warn mode, that click still gets charged — ClickFortify only adds the bad IP to your exclusion list so future clicks from the same source don't reach your ads. Same for Suspicious clicks: they show up in the dashboard but aren't excluded yet. Real-time blocking only happens in Strict mode.
Decision 3 — Scope: which level should I edit at?
Settings cascade by scope. The narrowest setting wins when the same setting exists at multiple levels.
| Scope | Edit here when |
|---|---|
| Website | You want one consistent baseline across all ad accounts and campaigns on this site. Default — start here. |
| Ad Account | Only this Google Ads account needs different protection (e.g. one client's account in an agency setup). |
| Campaign | One specific campaign needs different treatment — usually because the audience or traffic source is unusual. |
Switching scope on the protection page
The scope selector lives in the breadcrumbs at the top of the protection page. It works like a path: pick an ad account to narrow from website-level to that account; pick a campaign within it to narrow further.
- No ad account selected → you're editing Website-level settings (the default).
- Ad account selected → you're editing settings for just that ad account.
- Ad account + campaign selected → you're editing settings for just that campaign.
The breadcrumbs always show your current path (e.g. Website > Ad Account > Campaign) so you know what your save will affect.
Settings at narrower scopes override broader ones for that specific entity only. A campaign-level Sensitivity of Strict overrides a website-level Recommended for that one campaign — other campaigns on the same website still use Recommended.
What happens next
- Automatic mode reference — sensitivity levels, when to use each
- Manual mode reference — each individual check explained
- Launch protection — first-time turn-on walkthrough