Safari Update: GTM, Google Analytics and Google Ads scripts are blocked in Incognito mode

Oct 30, 2023
Oct 10, 2023
Also available in

There is a growing concern about data accessibility nowadays. Formerly, advertisers could rely on a wide variety of data sources. This is no longer the case due to evolving privacy regulations, the depreciation of 3rd-party and 1st-party cookies, and proactive consumer behaviors like using ad-blockers and selecting opt-out options. The change is making old data sources less useful. Advertisers and marketers who use browser tracking and cookies started to have a more challenging time.

And now comes the Safari update, which can significantly impact analytics data and marketing campaigns. In this article, we will describe the recent changes in Safari tracking restrictions and show how server-side tagging overcomes them.

What’s new in Apple privacy features

Below is the short list of Apple privacy and security features they announced:

  • Removes click IDs from the URLs when using Incognito mode and Advanced protection.
  • Blocks tag management, analytics, and advertising scripts in Incognito and Advanced protection modes.
  • Link tracking protection in messages and mail. 
  • App privacy improvements.

This new feature is designed to remove user-specific tracking details from URLs. Many websites append additional URL parameters to monitor user activity. 

With this update, any links shared via Messages and Mail will have this tracking data removed, yet the links will function as usual. This protection also applies to links accessed in Safari's Private Browsing mode.

By default, using Incognito mode removes any identifiers that can be traced back to the user when they click a link. However, parts of the link that can't identify the user remain unchanged.

Impact on Google Tag Manager

Each tag management system is treated differently in the newest Safari update, primarily when users utilize Safari's Private Browsing mode and opt for Advanced Protection.

The most significant restrictions were implemented for Google Tag Manager, while other tagging systems like Tealium work perfectly fine in all Safari modes.

In the latest Safari update, Google Tag Manager is blocked by default when someone uses Safari Incognito mode or enabled Safari Advanced protection. This means any code or tag you've set up with GTM won't work, impacting analytics, user experience, advertising, and other key website features.

Impact on Google Analytics

Google Analytics has the same impact as Google Tag Manager. Google Analytics script is blocked when a person uses Safari Incognito mode and is blocked by default when Advanced Tracking protection is enabled. There is no difference if you place the GA script directly on the website or use any tag management system. 

Impact on Google Ads

Google Ads and Floodlight scripts are blocked in Safari Incognito mode and when a user enables Advanced Tracking protection. The same restriction also applies to Facebook scripts. At the same time, TikTok and Bing ad tags are not blocked in the exact scenarios. 

What is the solution?

It is simple - start using server-side tracking. With the server Google Tag Manager located on a custom domain, gtm script won’t be blocked in Safari Incognito mode or when Advanced Tracking protection is enabled. If you set up server-side Google Analytics and Google Ads with the help of sGTM that utilizes a custom domain, GA and GAds scripts won’t get blocked either.

Besides a custom domain, you can make server-side tracking even more accurate by utilizing a custom loader. The main benefit of a custom loader is that it helps to make the tracking script invisible for most of the script and ad-blocking tools and techniques. 

A custom loader is free for all stape users and can be set up quickly. Log in to your account, open the sGTM container, go to the Power-ups tab, and configure custom loader power-up by clicking settings and adding your Web Google Tag Manager ID. After that, you need to update the GTM code on your site. 

custom loader by stape to make gtm and google analytics 4 resistant to ad blockers and itp

With a custom loader and custom domain, you can establish 1st party cookies, extend the lifespan of these cookies, and enhance the resilience of the Google Tag Manager and Google Analytics scripts against ad-blocking software and algorithms.

Here’s a case as an example of how Stape’s custom loader can help:

When using server GTM to establish Facebook's conversion API, it's essential to transmit fbp and fbc to Facebook's servers. Setting these cookies is impossible if you rely on a third-party subdomain as a tagging server, as only your primary domain can create cookies for your site. 

With a custom subdomain, the data sent to Facebook would be unlimited, leading to fewer events being credited to your campaigns. The Click ID and browser ID (fbc and fbp) are crucial for gauging the effectiveness of your Facebook advertising campaigns. By integrating your web GTM ID into the custom loader, you'll notice that gtm.js and gtag.js have been substituted with a random request path. This will help conceal the Google Tag Manager and Google Analytics 4 scripts from ad blockers.


In the newest Safari update, Google Tag Manager, Google Analytics, Google Ads, Floodlight, and Facebook scripts are blocked when someone uses an Incognito Mode or enabled Advanced Tracking protection. 

Server Google Tag Manager with a custom domain helps to overcome these restrictions. Using a custom loader can even strengthen your tracking accuracy. In particular, it can:

  • Set 1st party cookies. 
  • Prolong cookie lifetime.
  • Make GTM and GA4 resistant to AdBlockers and ITPs.
  • Keep your data tracking intact.

If you need help setting up a custom loader or would like an audit of your current setup, don’t hesitate to contact us

Host your GTM server at Stape