Is this the right integration for you?
Do you use a CMS?
(Shopify, WordPress, Wix)
Do you use Cloudflare?
Do you use Amazon CloudFront?
Do you use Google Cloud Load Balancing?
Manual Configuration
Google Cloud Run + Firebase
This guide covers the manual setup method for maximum control and first-party data ownership.
The Challenge
Client-side tracking is dying. Ad blockers, ITP (Intelligent Tracking Prevention), and browser privacy
updates are slashing data accuracy by up to 30%. The solution is Server-Side Tagging,
but setting it up correctly on a first-party subdomain (e.g., metrics.yourdomain.com) can
be tricky.
Why Does This Matter for Google Ads?
Simple Answer: It helps you recover "lost" conversions.
When browsers block your tracking (because it looks like 3rd-party spying), Google Ads never receives the signal that a sale happened. This means Google's AI bidding algorithms (Target ROAS, Max Conversions) are flying blind.
By looking like a "First Party" (part of your own website), you can recover 15-20% more conversion data. This feeds the AI better data, lowers your Cost Per Acquisition, and gives you a massive advantage over competitors still using the old method.
The Architecture
We utilize specific Google Cloud architecture to keep everything clean, secure, and first-party:
- Google Tag Manager (Server Container): The brain of the operation.
- Google Cloud Run: The scalable server hosting the GTM container.
- Firebase Hosting: Delivers the website and proxies the tracking server requests via a Rewrite rule.
Step 1: Provision the Server
In your GTM, Create a Server Container, go to Create Container > Container Settings. Use the automatic provisioning tool to create a Cloud Run service. This creates a billing-attached environment that scales automatically to zero when not in use.
Step 2: Configure Firebase Hosting
This is the secret sauce. Instead of managing complex load balancers, we use Firebase Hosting's native rewrite capabilities to route traffic to Cloud Run.
Update your firebase.json configuration. It is cleaner to separate your GTM service into
its own "site" target if you want to isolate it, or you can run it on the same domain.
"hosting": [
{
"site": "your-main-site",
"public": "public",
"rewrites": [
{
"source": "/gtm/**",
"run": {
"serviceId": "your-cloud-run-service-name",
"region": "us-central1"
}
}
]
}
]Note: Be sure to verify your Cloud Run service name and region.
Step 3: Custom Domain Mapping
Map a subdomain (e.g., metrics.casson.co.za) to your Cloud Run service.
- Option A (Firebase): Add the custom domain in the Firebase Console Hosting settings.
- Option B (Cloud Run): Use "Manage Custom Domains" directly in the Cloud Run console for direct mapping.
Verify DNS propagation by visiting https://metrics.yourdomain.com/healthy. You should see
"ok".
Step 4: GTM Client Configuration
In your GTM Server Container, configure the "Google Tag Manager: Web Container" client.
Critical Configuration Requirement
To avoid 400 Bad Request errors:
- Add your Web Container ID (GTM-XXXX) to the "Allowed Container IDs" list.
- Ensure Region-Specific Settings are ENABLED if you plan to use Google Signals.
Step 5: Browser-Side Implementation
Finally, update your gtm.js snippet on your website to load from your new first-party
server instead of Google's.
Replace:
https://www.googletagmanager.com/ns.html
With:
https://metrics.yourdomain.com/ns.html
Replace:
https://www.googletagmanager.com/gtm.js
With:
https://metrics.yourdomain.com/gtm.js
The Result
Your tracking is now First-Party. Browser extensions may report "Not Connected" because they don't
recognize the domain, but inspecting the Network Tab will show requests returning
200 OK.
This setup drastically improves data resilience against ITP and ad blockers, ensuring your conversion data remains accurate for Google Ads optimisation.