Apply now for Hotbrain 2023!

Segmenting out internal website traffic: What’s the best way?

Share Post:

When you have a large staff and/or a staff that visits the organization’s website a lot, it can really mess with your website analytics data. It’s easy to imagine 10–20+% of your website traffic being irrelevant to your external marketing efforts / the audience you want to reach. This in turn nerfs conversion rates, while inflating traffic, engagement / time on site, etc! And of course, it also precludes doing internal website usage analysis.

To make matters more complicated, these days a lot of the time staff just isn’t at the office/campus, and/or is using their mobile phone data vs the office wifi—so GA4’s built-in IP address filter method is just really not a good solution at all.

So what can we do?

We could take a fairly passive approach and segment our traffic by those users who visit the administrative area of the organization’s website.

But this is pretty weak since, for many organizations the people who regularly do this might be limited to a very small number of personnel. However it could be a good fit if all employees are required to log in to the website for HR purposes…

The other major challenge is that normal segmentation relies on either setting our own, or using Google Analytics’ built-in cookies. We decided that cookies were too fragile, as they tend to get deleted after a year (max), some users delete them periodically manually, or don’t accept them at all. And people just generally have something of an aversion to them nowadays, so minimizing reliance on them is not a bad call.

In the end, we couldn’t find a solution that was robust enough for us, especially since we don’t work at our client’s organizations full-time and don’t want something high maintenance—i.e. where we would have to be updating (potentially) rotating IP addresses for staff (we already looked at why this was suboptimal anyway), replacing cookies, etc. (yes, cookies could be replaced automatically if not present, but again we wanted to try something that wasn’t cookie-based).

What we ended up doing:

First, we had our client ask all staff to visit a special, secret URL on the organization’s main website.

When that URL was visited, we used Google Tag Manager (GTM), along with some special custom javascript, to place a “permanent” record in the browser’s local storage that indicated that they were “internal” traffic.

What’s local storage?

Basically it’s a more permanent, harder-to-delete place to store persistent data in browsers (it also offers larger storage than wimpy cookies). You can read more about it here. It’s also very easy to interact with via javascript!

You can see local storage in action here:

We use this value to identify the visitor as staff/internal traffic.

Essentially we created a key of visitor_type and the possible values of internal or external.

The tag logic works by setting the default value of visitor_type to external, unless internal is set. We then send that info to Google Analytics 4 as a custom dimension. So after visiting the secret page URL, on the next page load, Google Tag Manager will see the new value, and send the data to GA4 accordingly.

This worked out really well and I thought some people might want to know that this is an option!


Since the method requires staff identifying themselves by way of visiting a URL, you need to be sure everyone has done it. This also means they have to visit it on all of their devices—and do it again if they get a new device or start using a new browser, or wipe their device (this would be true of the cookie method as well). I would recommend baking this into new hire onboarding, and maybe sending out an email every year or two to encourage people to visit the secret URL again just in case they forgot to do it themselves when encountering the reasons above.

More Updates