If website data is critical for your business, server-side Google Analytics 4 tracking should be a core part of your analytics setup.

With a standard client-side implementation, you can lose 5–30% of data due to ad blockers, browser restrictions, and tracking prevention technologies.

A server-side setup significantly improves data reliability and gives you more control over how analytics data is processed and sent to third-party platforms.

Tracking Architecture Comparison

Standard Client-Side Tracking

In the traditional setup, data flows directly from the browser to Google Analytics:

Browser
↓
Google Analytics
https://www.google-analytics.com/g/collect

Server-Side Tracking

With server-side tracking, requests are first routed through your own domain:

Browser
↓
Your Domain
Tracking endpoint 
example: metrics.webgate.digital
↓
Server
Google Tag Manager Server Container
↓
Google Analytics 4

Benefits of Server-Side Tracking

Client-side tracking is easy to implement. You only need to create a Google Tag Manager Web Container, paste the code into your website <head> and <body>, and configure the GA4 tag.

However, a server-side setup, although more complex, provides several major advantages:

• First-party tracking
• Improved resilience against Safari ITP
• More reliable attribution
• Reduced impact from ad blockers
• Better control over data processing
• More complete and accurate analytics data

In short, server-side tracking leads to higher data quality and better analytics reliability.Long story short, you will achieve better tracking and more data.

Prerequisites

Before implementing server-side tracking, make sure you have:

Google Tag Manager Web Container

• with a complete GA4 client-side implementation

Google Cloud Platform account

• with sufficient permissions
• minimum Editor role
• ideally permission to modify IAM policies

Tracking subdomain

Example: metrics.webgate.digital

You must also have DNS access to configure this subdomain.

1. Create a Server Container in Google Tag Manager

Go to Google Tag Manager and select your workspace.

Click: Admin → Create Container

Recommended settings:

Container name:

metrics.webgate.digital

Target platform:

Server

Naming the container after your tracking endpoint helps maintain clarity when managing multiple containers.

2. Install Google Tag Manager Server Container

You will be offered two deployment options:

Automatically Provision Tagging Server

Google automatically creates the infrastructure in Google Cloud.

Use this if:

• you want a simpler deployment process.
• you have direct access to the Google Cloud billing account

Manually Provision Tagging Server

Choose this option if:

• you want full control over the infrastructure
• billing permissions are restricted.

The following steps assume manual deployment.

2.1. Server Deployment via Cloud Shell

Open Google Cloud Console and launch Cloud Shell.

First, list available projects:

gcloud projects list

Locate your PROJECT_ID.

hen select the correct project:

gcloud config set project YOUR_PROJECT_ID

Verify the active project:

gcloud config get-value project

Now deploy the server container:

gcloud run deploy server-side-tagging \
--region europe-west1 \
--image gcr.io/cloud-tagging-10302018/gtm-cloud-image:stable \
--platform managed \
--allow-unauthenticated \
--min-instances 0 \
--max-instances 1 \
--timeout 60 \
--update-env-vars CONTAINER_CONFIG="YOUR_CONTAINER_CONFIG"

Replace:

YOUR_CONTAINER_CONFIG

with the Container Config ID from your GTM Server Container.

2.2. Allow Public Access to Containers

After deployment, open: Cloud Run → Services

You should see two services:

• preview container
• main container

Open each service and go to the Security tab.

Change authentication to:

Allow public access

By default, containers require authentication, which would block requests from Google Tag Manager and Google Analytics.

You must apply this setting to both containers.

2.3. Test the Default Cloud Run URL

Copy the automatically generated URL:

https://server-side-tagging-xxxxx.europe-west1.run.app

Open it in your browser.

If the page loads with a blank response and no errors, the deployment is working correctly.

2.4. Configure the First-Party Tracking Domain

Using your own subdomain allows you to:

• create first-party cookies
• improve cookie persistence
• reduce tracking blocking

Example tracking domains:

metrics.yourdomain.com
analytics.yourdomain.com
data.yourdomain.com
track.yourdomain.com

In Cloud Run → Custom Domains, add your tracking domain.

Follow the instructions to configure the required DNS records.

Verification may take a few minutes to several hours.

Once the domain is verified, test it the same way as the Cloud Run URL.

3. Configure Server Container URLs

Open your GTM Server Container:

Admin → Container Settings

Add both URLs:

1️⃣ Default Cloud Run URL

https://server-side-tagging-xxxxx.europe-west1.run.app

2️⃣ First-party tracking domain

https://metrics.webgate.digital

4. Configure the GA4 Client

When the server container is created, a GA4 client is usually added automatically.

If it is missing, create one manually: Clients → New

Select: Google Analytics: GA4 (Web)

The default configuration is sufficient in most cases.

5. Create a GA4 Tag in the Server Container

Create a new tag: Tags → New

Tag type: Google Analytics: GA4

Enter your GA4 Measurement ID.

Important:
Use the same Measurement ID that is used in your Web Container.

Trigger configuration: Custom → Some Events

Condition: {{Client Name}} equals GA4

6. Configure the GA4 Web Tag to Send Data to the Server

Now open your GTM Web Container.

Edit your Google Tag / GA4 configuration tag.

Add a configuration parameter:

transport_url

Value:

https://metrics.webgate.digital

This parameter instructs GA4 to send requests to your server endpoint instead of Google’s default endpoint.

Finally, publish both containers:

• Web container
• Server container

7. Verify Server-Side Requests

Open your website in a browser and go to: Inspect → Network

Filter requests by:

collect

If everything is configured correctly, you should see requests going to:

https://metrics.webgate.digital

instead of:

https://www.google-analytics.com/g/collect

This confirms that server-side routing is working.

8. Preview Server Container

Previewing a Server Container requires a specific order.

First open Server Container Preview.

In preview settings, select the tracking endpoint domain.

Example:

metrics.webgate.digital

Click Preview.

At this stage, the preview panel will appear empty.

Now open Web Container Preview in the same browser session.

Return to the Server Container preview — you should now see incoming events.

How Server Events Work

Events processed in the Server Container are not the same as events triggered in the Web Container.

The server container does not receive dataLayer events directly from GTM Web. Instead, it receives GA4 requests sent from the browser to your tracking endpoint.

The GA4 Client captures these incoming GA4 requests, interprets them as events, and then passes them to server-side tags such as:

• Google Analytics 4
• Google Ads
• Meta Conversion API
• other marketing or analytics platforms

This architecture allows you to modify, enrich, filter, or redirect event data before sending it to external systems.

In practice, the server container acts as a processing layer between the browser and third-party platforms, giving you greater control over how tracking data is handled.This architecture allows you to transform, enrich, or filter data before sending it to external systems.