Bypass adblockers with a managed reverse proxy
Swetrix Cloud can run a reverse proxy for you on a subdomain you control, so the tracker script and analytics events are served from your own domain. Browsers (and ad blockers) see only first-party requests to your site, which means dramatically less data loss.
This page walks you through setting one up. The whole process takes about 5 minutes plus DNS propagation time.
Looking for the most effective option? A self-hosted proxy running on your own infrastructure is the gold standard for adblocker bypass — it's fully indistinguishable from any other request to your site. It requires more technical knowledge to set up. The managed reverse proxy described here is highly effective for most users and far easier to configure, but the request ultimately resolves to a Swetrix-controlled edge, which makes it slightly more detectable to aggressive blocklists.
How it works
Visitor's browser ──► t.example.com ─(CNAME)─► <random-id>.proxy.swetrix.org
│
▼
Swetrix edge proxy
(Let's Encrypt cert
issued automatically)
│
┌────────────┴────────────┐
▼ ▼
swetrix.com/swetrix.js api.swetrix.com/log- You add a CNAME record on a subdomain you own — for example
t.example.com— pointing at a target hostname Swetrix gives you (<random-id>.proxy.swetrix.org). - Our edge servers terminate TLS for your hostname, automatically issuing a Let's Encrypt certificate the first time a request hits the edge.
- Two routes are exposed on your subdomain:
GET https://t.example.com/script.js— the tracker script (cached at the edge).POST https://t.example.com/log/*— the analytics API (event ingestion, session/profile calls, etc.).
The visitor's real IP address is preserved via X-Forwarded-For, and we strip cookies / authorisation headers before forwarding requests upstream.
Setup
Pick a subdomain
Pick a subdomain on a domain you control. The subdomain should be something generic — try to avoid words ad blockers commonly target.
| ✅ Good | ❌ Avoid |
|---|---|
t.example.com | analytics.example.com |
m.example.com | tracking.example.com |
s.example.com | stats.example.com |
i.example.com | telemetry.example.com |
You can register up to 5 managed proxy domains per project.
Add the domain in Swetrix
- Open your project in the Swetrix dashboard.
- Go to Settings → Managed proxy.
- Click Add managed reverse proxy, enter your subdomain, and submit.
You'll see the domain appear in the list with a Waiting status and a CNAME target that looks like <random-id>.proxy.swetrix.org.
Add the CNAME record
In your DNS provider, create a CNAME record:
| Name | Type | Value | TTL |
|---|---|---|---|
t (or whatever subdomain you picked) | CNAME | <random-id>.proxy.swetrix.org. | 3600 (or "Auto") |
A few common gotchas:
- Cloudflare users: make sure the record is DNS-only (gray cloud, not orange). Cloudflare's proxy will interfere with our cert provisioning.
- Apex domains (e.g.
example.com) cannot be used directly because CNAME records aren't allowed on the root. Use a subdomain. - DNS propagation can take a few minutes.
Wait for the status to flip
After the CNAME resolves, the status moves from Waiting → Issuing → Live automatically (we re-check every minute). You can also click the refresh icon to force a re-check.
Waiting— we haven't seen the CNAME resolve yet.Issuing— DNS is good; Let's Encrypt is provisioning the cert (usually under a minute).Live— your subdomain is fully operational.Error— something went wrong. The reason is shown next to the domain.
Update your tracker code
Once your domain is Live, replace your existing tracker tag:
<script src="https://t.example.com/script.js" defer></script>
<script>
document.addEventListener("DOMContentLoaded", () => {
swetrix.init("YOUR_PROJECT_ID", {
apiURL: "https://t.example.com/log",
});
swetrix.trackViews();
});
</script>If you're using the npm package, only set the apiURL — the script itself is bundled with your app:
import * as swetrix from "swetrix";
swetrix.init("YOUR_PROJECT_ID", {
apiURL: "https://t.example.com/log",
});
swetrix.trackViews();The apiURL option overrides the default API host for all requests the tracker makes (events, session pings, profile identification, etc.) — there's nothing else to configure.
Limits
- Up to 5 proxy domains per project.
- One CNAME target per registered domain.
- We rate-limit certificate issuance per hostname (Let's Encrypt has its own limits — be careful when renaming hostnames repeatedly).
Troubleshooting
Help us improve Swetrix
Was this page helpful to you?