Hi,
We’re seeing spam traffic hitting /g/collect directly (data center IPs, fake GA4 page_view events via GET). We’ve created a GA4 API secret and want to properly secure the endpoint without breaking normal tracking.
What’s the recommended production-safe approach in Stape?
- Enforce API secret in GA4 Client?
- Block GET requests to
/g/collect?
- Enable specific Stape security settings?
- Block data center IPs?
Looking for best practice guidance for preventing Measurement Protocol abuse while keeping standard Web GTM → Server GTM tracking working.
Hi, Riyaz
/g/collect is the name of the request that collects information on your website, but it is important to note whether your request goes directly to Google Analytics or through your server container URL.
Please check your server container URL settings and make sure they are specified correctly.
Also, please check for any extra tracking scripts added to your website or any other tracking integrations that might be triggering direct requests to your Google Analytics.
If the problem persists, we recommend that you write to us at support@stape.io or create a ticket at Stape and provide more information about the problem so that we can help you.