GeoFences Not Allowed?


Netlify Basic, and working with a static, Hugo-based site that shouldn’t be accessible outside of the US. We’re using GeoTargetly to geofence, and confused by the incredible traffic numbers that don’t match our other analytics platforms. Ask currently is to pay for hosting, but traffic metrics are far from commiserate.

Fair example - Netlify’s analytics claim at least 134k visitors in the last 30-days. I can quality less than a third of that through GA and other platforms. Super confused at 9k versus 134k. Lion’s share of 134k is traffic from France, which should be precluded and redirected outright.

Thoughts? Ignore the warnings and proceed? Any and all feedback is helpful.



You can accomplish this by using edge functions.

Here’s an example for your use case:

Hope this helps!

This is great, thank you.

Quickly - is there a specific reason why the geofence from GeoTargetly isn’t functioning on your servers?

Hi, @adsoink. About the GA difference (which I will assume means “Google Analytics” unless you state otherwise), the key here is how the analytics itself functions.

Google Analytics functions by running javascript in the end-user’s browser. If the HTTP client doesn’t allow the running of javascript (like a script, bot, command like curl, or a command like wget) then Google Analytics will have no record of the request because their javascript never ran. Google Analytics sees zero traffic even though it occurred because their javascript wasn’t run.

In contrast, Netlify Analytics is server-side so it tracks all requests, including those by bots, scripts, and commands that do not allow javascript to run. Netlify Analytics does not rely on the client in any way (unlike Google Analytics which is entirely dependent on the client running their code). This is the primary reason for differences between Netlify Analytics and third-party tools relying on client-side javascript.

Now, about this:

is there a specific reason why the geofence from GeoTargetly isn’t functioning on your servers?

Netlify doesn’t allow you to run code on our servers. You can run code in serverless functions but not on our servers.

So, I think this means that the GeoTargetly code isn’t running at Netlify at all unless your site is entirely powered by serverless functions and you have bundled the GeoTargetly code in those functions.

How have you integrated the GeoTargetly code with this site?

Hi Luke,

GeoTargetly is serverless, and is a JS function. Your analytics show traffic from all over the globe, and we can see through Google Analytics as well as GeoTargetly that international traffic is indeed being blocked. The disparity is confusing.

Why should I implant an Edge function for geofencing when we already have a qualified JS feature in place?

How is that integrated in your website? Based on their homepage, it appears that you need to add a JavaScriptsnippet to your website just like Google Anaytics:

This doesn’t look like serverless to me, or at least your and my definitions of serverless don’t match.

We need some concrete data to see/verify like your site’s URL, a detailed explanation of your setup etc. Just writing this doesn’t work, is not providing us with any information.

Because that’s somewthing we know should work, provided by us and we can help you debug. We cannot help much with third-party tools.

Hi, @adsoink. About this:

GeoTargetly is serverless, and is a JS function.

and this:

Why should I implant an Edge function for geofencing when we already have a qualified JS feature in place?

Which site is this for? I checked all the sites associated with the same email address as used for this forum account and I don’t see any of them using Functions or Edge Functions. As those are the only two features that allow running code before a request is sent, by definition, you are definitely not using GeoTargetly at all on the account that I examined. However, you might have some other account using some other email address that I don’t know about. If so, would you please tell us which site or account this is about?

You can post that information publicly or you can private message (PM) that to one of our support staff. I’ve confirmed that PMs are enabled for your forum login. Please keep in mind that only one person can see the PM and this will likely mean a slower reply than posting the information publicly. Please feel free to reply to however you prefer though.

To summarize, it does not appear to be an incompatibility issue. The issue here is that you do not have the sites configured correctly to allow them to use the service. You stated that this service requires serverless functions to work correctly and none of your sites use serverless functions at all. You are missing a key requirement for the service you are trying to use.

Hi Luke,

GeoTargetly is installed on I just checked the code as well as my dashboard in GeoTargetly, and they report the code is functioning.

Hi, @adsoink. If you go to the function and edge functions configuration pages for the site in question, you will see there are no functions or edge functions configured for that site. This means that there is nothing at Netlify stopping requests.

You can replace the subdomain string below to get the real URLs for the site’s functions and edge function configurations:

If your sites subdomain was then the URLs would be:

The GeoTargetly code might be running on the client (running in the client web browser) but it definitely isn’t running server side for this site.

How is the client browser running the GeoTargetly code? The code must get into the browser somewhow.

So, there must be, again - by definition, a successful HTTP response from Netlify to the client browser before the client browser can run any GeoTargetly code. How could they know to run the code if there was no response from a server?

If a Netlify server sends a successful response to a client (to a browser or spider), Netlify will log that as such (log it as HTTP traffic) and the traffic will appear in the Analytics data. Again, the only way to block a response is by running code server-side (which can only be functions or edge functions at Netlify) and you don’t use either for this site.

To summarize, this isn’t about GeoTargetly not being allowed. This is about you not using GeoTargetly at Netlify at all.

It isn’t working because you are not using it here. You might be using it on the client browser but then there is still HTTP traffic to the browser. If Netlify sends HTTP response to the browser, we log those responses. They will be reported in Analytics because they did occur and Analytic logs all HTTP responses.

Hi Luke,

I would encourage you to use Google and examine GeoTargetly’s documentation as it is a wholly server-less feature and loads in-browser. The code has been in the head of since bringing the site to Netlify in 2019. The issue is recent (i.e. complaining of bandwidth usage that isn’t real) as it has been functioning with no issue until May. Future responses should include a basic knowledge of the function, the fact it is active and doing its job until recently. Your tech is outright ignoring the protocol, which I can see because your traffic metrics align with GeoTargetly’s, though you’re allowing international access when there is a clear redirect, client-side in place. Traffic you allow outside the US matches to the digit what GeoTargetly claims to be blocking.

Instead of telling me something isn’t installed (which it clearly is), your turn here is to tone down your mansplaining and look at the issue as presented. If you are unable to do so, I will be pulling my business from Netlify as it seems your team lacks maturity and an understanding of the foundational tenants of customer service.


I’d like to point back to a statement I made before:

For Netlify (and thus, us), serverless means Serverless computing - Wikipedia, quoting:

Serverless computing is a cloud computing execution model in which the cloud provider allocates machine resources on demand, taking care of the servers on behalf of their customers. “Serverless” is a misnomer in the sense that servers are still used by cloud service providers to execute code for developers.

For you, serverless appears to mean “client-side”, which is technically correct, but is creating a confusion in this thread. Netlify offers two serverless (by our definition, not yours) offerings: Netlify Functions and Netlify Edge Functions. You’re using none as you mention. To add to this confusion, you said:

This, at first indicated you’re using one of our serverless offerings because client-side code cannot run on “our servers”.

Precisely, the redirect is client-side. This means, clients that disable JavaScript, or load assets through other tools like curl will not be redirected. Also, the client-side code works after your page is loading - at a point where Netlify has already served the file. This is something you can see from my network tab:

Even before the redirect kicks in, so many network requests have already been made. If I disable JavaScript, your website loads fine and the redirect never even happens. I feel you’ve got a perceived sense of security, but in practice this is highly ineffective and insecure.

I’d want to bring back your attention to Netlify Edge Functions, as they would be redirecting on the server-side, so you can be sure that if an IP doesn’t belong to US, there’s no way they would be able to access your site.

In defence of Luke, this is the exact thing that he said:

and the bandwidth discrepencies have been explained by him too:

Also, Luke had said that you might be using it on the client-side code:

By you’ve not installed it, he meant, you’ve not installed it on Netlify. Your client-side scripts are not considered as something run by Netlify.

With that being said, I don’t see how Luke’s explanation could be considered as mansplaining. Just like you don’t know as much as we do about Netlify, we don’t have complete knowledge about your tools and other 3rd party services and given the volume of tickets/threads, it’s not humanly possible to read in detail about each and every service our users use. It’s your job to explain it correctly to us. By calling “client-side code” as “serverless”, it wasn’t working in our favour. By calling our team immature, you’re insulting all the hours we put in this thread.

Hi, @adsoink. I didn’t see your reply until today.

First, sexism will never be tolerated at Netlify and the term “mansplaining” is clearly bigoted. If you exhibit bigoted behavior again in any way in this forum, you will be permanently blocked from posting here. You would continue to be able to view content in that scenario but not post. There will be no second warning.

Second, I was not being condescending when I replied. I do understand may have appeared that way to you but (unless you are a mindreader) you could not possibly know my intent.

I know my intent as I do know my own thoughts. My intent was expressing to you what I knew and where my confusion was. I asked you two direct questions to try to understand the disconnection in communication here. The questions were in no way rhetorical. They were earnest and serious questions that I hoped you would answer because I thought the answers may shed light on the issue here. Those questions here:

How is the client browser running the GeoTargetly code? The code must get into the browser somewhow [sic].


So, there must be, again - by definition, a successful HTTP response from Netlify to the client browser before the client browser can run any GeoTargetly code. How could they know to run the code if there was no response from a server?

I’m understanding you as meaning that the client-side javascript can block responses before it is loaded by the client and that is something which seems impossible to me. This is what I’m trying to understand - if you are really saying what I think you are saying and, if so, why you believe that is possible.

I’ll try to explain this in another way. Let’s examine what happens when someone in a blocked country makes a request to You said “outside of the US” so I’m going to use Australia for this example.

  • the Australian IP address will make a DNS lookup for
  • that returns a cloud provider IP address in Australia controlled by Netlify (like which is an AWS IP address near Sydney that Netlify controls at this time)
  • the Australian IP address makes an HTTP request for at that IP address ( controlled by Netlify
  • the Netlify controlled IP address will then send an HTTP response with a 301 status with a header of Location: without an HTML body
  • the Australian IP address will make a new HTTP request to using that same Netlify controlled IP address
  • Netlify then responds with a new HTTP response which is a new 301 redirect to - again, without an HTML body in the response
  • the Australian IP address now makes a third HTTP request, this time to
  • the Netlify controlled IP address then make a third HTTP response, this time a 200 status includes the HTML - this is the very first time that it would even be possible for the client-side javascript to run as no image, CSS, javascript, HTML or other assets have never been loaded prior to this third response

So, there would be three HTTP responses in Analytics because three HTTP responses occurred. Those three responses could never be blocked by client-side javascript because no HTML or javascript has been sent until the third HTTP response is complete.

My previous questions for you before can be summarized in as this question below (which is in reference the scenario above):

  • How can client-side javascript block those three HTTP responses if the client-side javascript isn’t loaded by the client browser until after the third HTTP response is complete?

I’m not trying to be condescending. I just don’t understand your logic here and I’m asking you to clarify how that is possible. To me, that seems to be a reasonable question above.

We will continue to try to assist here if you willing to answer it. Similarly, if you find some flaw in my description of the scenario above, if you explain where I am making a mistake above - we’ll be here to assist. I don’t believe I’ve made any mistakes at all but I’m open to the possibility that I have. If you are willing to continue this conversation, please do clarify as I’m only trying to understand what you are saying.


Intentionally let this be so some individuals could calm themselves and better understand what their current developer documentation looks like. As of writing, it’s still unusable.

@luke Y’all have access to the domain and account tier it’s associated with. Roads available show that a “starter” package cannot satisfy an advanced need. This was likely the first thing your team should have looked at unless the published docs and account tiers described on the website are incorrect since “functions” are not apparently available to those under the “starter” banner. This was not the only time your team sidestepped honest support according to account tier. If this is in error, correct public documentation.

Moreover, why leap from “starter” to “enterprise” without an eye to small business?

Regardless, documentation is rife with arrogant in-speak. Write it for folks out in the world, and be sure to say it’s based on Deno. Pretty, kinda, a lot, bloody-mf’ing important. This is not exposed in your docs. Newer workflows aren’t either, so it is hard to know what to work from.

All tiers can deploy Functions and Edge Functions. It’s free to get started up to a certain number of invocations, beyond which you’ll be charged.

There’s a Pro tier for that.

We say that: Edge Functions API | Netlify Docs

You’re desperately confused. Prevailing documentation does not support your replies.

This does not at all mitigate the failings on your documentation. Deno is mentioned in passing twice on the website (ran an audit). Try again.

This also does not in any way address the use case - block all non-US traffic. Feedback around self-aggrandizing language stands - understanding your use of Deno is platform specific, you should be answerable for your choices.

Hi, @adsoink. The communication process here seems to be hampered by some misunderstandings about both web technologies in general and Netlify in specific.

Here are a list of some of the misunderstanding expressed in this topic so far:

  • you appear to have believed that client-side javascript could modify the behavior of a server where you run zero server-side code, which is something that is obviously impossible
  • you stated that the functions feature is enterprise only when it is available for all plan levels
  • you stated that we don’t publicly document that Deno is the technology used for the edge functions feature (which is distinct from the functions feature which, itself, doesn’t use Deno) and that is demonstrably not the case (as Hrishikesh sent you a link to our public docs that proves otherwise)

Also, you have been and continue to be incredibly rude when communicating here.

We are trying to answer your questions but is is hard to do so when the questions themselves are based on fundamental misunderstandings. For example:

This above ignores the Pro plan and also ignores that functions are available on all plans, even the Starter plan. It is a flawed question as it is based on false premises. I cannot answer that question because the assumptions being made in it are just wrong (that no Pro plan exists or that functions are not available on Starter).

We want to assist you but, we need to be certain that we all have the same understanding first. As you won’t answer our questions and have made several statements that a provably untrue, it has been harder that usual to answer any of your questions so far.

About this:

This also does not in any way address the use case - block all non-US traffic.

The only Netlify feature that does this the Firewall Traffic Rules feature and that is Enterprise only. However, you never asked about that feature. You asked about a third-party javascript library which is client-side only and, because it is client-side only, it could never actually do what you want it to.

Again, I think you had some false assumptions about what the Geo Targetly client-side javascript could do and as we have tried to work with you to clear up those false assumptions you have been rude to us.

I had never heard of Geo Targetly before this topic was created. I know almost nothing about it. I am not an expert with the third-party Geo Targetly software in any way. As you appear to know more about it maybe you can explain how it integrates with hosting where the only way to run server-side code is via serverless functions (AWS Lambda). Do you know how Geo Targetly’s software is integrated with Lambda (or if that is even possible)? Does it integrate with edge functions? Again, if so, where is that Geo Targetly documentation? (To be clear, we have no documentation about integrating Geo Targetly with Netlify as we had never heard of it before.)

About the rudeness, this is my last warning. If you reply back picking apart our responses rudely as opposed to constructively working to move this troubleshooting forward, I will not warn you again and I will immediately suspend your forum account.

If you are willing to reply back constructively and politely, we are here to assist you.


Couldn’t agree with you more. Here’s the rub from my end - I hired someone to act as a “coordinator” for the various projects I have in flight. Said resource took bits and bobs from meetings, and decided to use that information to lambast you and your team with my current account. You have nothing but my humblest apologies as I was only apprised of these posts Thursday evening (8/24 PDT), and their candor with your team is not something I support. The “coordinator” is no longer part of my organization, and you will not be hearing from them moving forward.

To better explain the ask and our use of GeoTargetly - This is a piece that has served us well from 2015 until recently, which is when we started seeing unrealistic bandwidth consumption from areas outside the US. My “coordinator” was tasked with finding a reasonable solution, and what came back is that documentation is poor against a reasonably experimental framework (Deno), and that “Edge Functions” were too new to have robust solutions given our use case. They were asked to revisit this piece, and they took to the forums. After reading my “coordinator”s’ posts, I’m not only embarrassed but also find they did not adequately represent the ask.

Use Case: Let’s say I have successful marketing efforts in Bellingham, WA, though we have precluded all of Canada from accessing the website.In this example, I need to lift restrictions around a subset of municipalities in Canada, despite having a solid block on traffic from the country overall.

This brings is to an “If This Then That” scenario which is not covered in any documentation that we could find. GeoTargetly gives us the granularity to achieve the above, but this is a code intensive piece, and I need to be able to provide marketers with simple toggles by region. This piece needs to be a low or no-code solution.

For this to be a wholly code-based solution is inefficient, and doesn’t empower the marketers I support.

If the “firewall” is a possibility, it would only be applied to a single domain (as well as its subs), and not a piece I would roll out to everyone I currently support. We only need one feature, and a solid conversation around cost for said feature as we don’t at all need your “Enterprise” package.

Hope this helps and that we can identify a fix.


Thank you for clarifying @adsoink.

Regarding your question:

There’s no fix to identify, as nothing is broken. This is all working as intended right now. Here are some details:

I’m sorry to break this to you, but I really think you are mistaken. That thing has always only worked client-side as it can never block requests to a server. So it might have appeared to work as you need it to, but it has never solved the problem you’re trying to solve. The bandwidth spike might be sudden, but again, GeoTargetly can never block that or could have done that in the past. It will work after a page has loaded, and at that point, bandwidth has already been charged for.

We would appreciate some feedback on what part exactly seems poor to you. We can improve it accordingly. But, simply calling it poor without leaving any actionable feedback will not help us in any way. For example: “x part is unclear, y is not specified” is something like an actionable feedback.

Deno is not an experimental framework. It’s a stable solution, both on Deno’s end and on Netlify’s end.

Has your team attempted to solve this using Edge Functions? If not, you might be making assumptions (probably based on misinformation or prejudice). Edge Functions are serving billions of requests on Netlify at the moment and they’re working according to our standards of reliability.

Here’s a ready-made example: Block content according to country | Edge Functions on Netlify (

That feature is restricted to High Performance Edge package on Enterprise plans. We have no plans of bringing that feature to the Standard Edge at the moment.

Hi Hrishikesh,

Thank you very much for your thoughtful response, as well as escalating the small piece of what Netlify has documented around the use case we’ve presented. The clarify what I posited in my previous message, my marketers need the ability to toggle on/off countries, provinces/counties, and municipalities. In the advent my narrative wasn’t clear, the workflow we require is -

Example: Marketing is successful in Bellingham, WA and my team learns there is solid interest in municipalities directly across the border in Canada. Marketing is not currently running in Canada, and in our geo-fencing tool Canada is toggled to “off”. My team then -

  • Toggles Canada “on”
  • Ensures all provinces outside British Columbia are toggled “off”
  • Identifies municipalities within +/- 10 miles of Bellingham
  • Ensures all other cities in BC outside of those identified are toggled to “off”
    If we’re looking at a code-based solution with a similar workflow, this immediately appears untenable. I foresee the .geo file becoming gargantuan and difficult to maintain. It’s also a challenge to understand what the workflow would look like when this isn’t something that’s documented; the only code solution your team has been able to provide excludes Great Britain, and doesn’t address the granularity we require provided it’s available in your current iteration of Edge Functions.

The mentioned “fix” is whether or not your sales team can configure an Enterprise package that suits our specific needs. I never intended something was “broken”, and only that a “fix” would be a configurable package to help us achieve the functionality we need. Given your response, this doesn’t seem likely and the company cannot afford that level of hosting in the immediate.

Understanding there is a plethora of data available to Context.geo, is there a living example of an Edge Function workflow that can fulfill needs in the short-term? Our efforts to date:

  • We have followed the example set by the Great Britain exclusion, and manually precluded every country except for the US within the same file. This effort did not proffer any results, and ended up being a list of roughly 194 countries with the US as the only exclusion. We attempted exclusion in separate files, and this also proffered no results. This flow lends to my perception that developer supported files like this become untenable.
  • Last attempt was to dial in a cached solution via, and this also proffers no results. This piece was written in JS.
    Open to your thoughts. If a custom Enterprise hosting scenario isn’t available, we still require better guidance with the Deno/Edge Functions as something befitting our ask is not actively documented. Moreover, we have not been able to get the Context.geo file to load in any test environment, so it’s difficult to know whether or not we’re aiming at a solution in the right way.

Hope this provides additional clarity.