After auditing hundreds of GA4 properties, the same mistakes keep showing up. Not exotic edge cases — the same fundamental misconfigurations, on properties owned by agencies, in-house teams, and solo marketers alike. The damage is silent: your reports look fine, your dashboards render, but the numbers you're acting on are wrong.

Here are the 11 most common issues we find, what they actually cost you, and exactly how to fix each one.

01
Data retention left at the 2-month default
Critical

GA4's default data retention is 60 days. This means any user-level or event-level data older than two months is permanently deleted — silently, automatically, with no warning. Year-over-year comparisons, cohort analysis, lifetime value reporting: gone.

This is the single most common critical issue we find. The vast majority of properties we audit have never changed this setting.

Fix: Admin → Data Settings → Data Retention → Change to 14 months. Do this immediately on any new property. Data already deleted cannot be recovered.
02
Internal traffic not filtered out
Critical

Every time your team loads the website, you're recording sessions. Developers testing features, marketers checking landing pages, client demos — all of it counts as real traffic unless you explicitly exclude it. On smaller sites this can represent 5–20% of reported sessions.

The symptom: engagement metrics look unusually high (your team knows the site well), bounce rates are distorted, and pages that only your internal team visits show mysteriously elevated traffic.

Fix: Admin → Data Streams → Configure Tag Settings → Define Internal Traffic. Add your office IP addresses and any VPN ranges. Then Admin → Data Filters → Create Filter → Internal Traffic → set to Active.
03
Payment processors appearing as traffic sources
Critical

When a user clicks "Pay with Stripe" and gets redirected to Stripe's hosted payment page, then back to your confirmation page — GA4 sees that return visit as a new session from stripe.com. The original traffic source (Google Ads, organic search, email) gets overwritten. Your purchase is attributed to Stripe.

This affects every property using Stripe, PayPal, Klarna, Square, or any other hosted payment page. Attribution data is fundamentally wrong if you haven't fixed this.

Fix: Admin → Data Streams → Configure Tag Settings → List Unwanted Referrals. Add: stripe.com, paypal.com, klarna.com, checkout.stripe.com, and any other payment processors you use.
04
Staging environment traffic in production data
Critical

If your staging environment uses the same GA4 Measurement ID as production, every developer test, QA session, and pre-launch content review is recorded as real traffic. This inflates session counts, pollutes page reports with URLs that don't exist in production, and creates conversion events that never represented real user behaviour.

Fix: Create a separate GA4 property for staging/dev, or use a hostname filter in GA4 Admin → Data Filters → Developer Traffic. Alternatively, conditionally load the GA4 tag only on production hostnames in GTM.
05
Zombie conversion events (marked as conversions, zero data)
Critical

GA4 lets you mark any event as a conversion. Once marked, it stays marked — even if the underlying event stops firing. A form redesign, a GTM deployment error, a URL change that breaks a trigger: any of these can silently kill a conversion event while it remains active in your conversion tracking, reporting 0 with no alert.

Fix: Admin → Events → filter by "Mark as conversion" → cross-reference against Realtime or DebugView to confirm each conversion event is actually firing. Audit this after any significant site change.
06
UTM casing inconsistency splitting channels
Medium

GA4 treats UTM values as case-sensitive. "Email", "email", and "EMAIL" are three separate traffic sources. If your email platform uses "Email" and your team manually tags links with "email", your email channel traffic is split in two. The same applies to campaign names, medium values, and source names.

The symptom: unusually fragmented channel reports, small slivers of traffic from seemingly identical sources, email or social traffic that looks lower than expected.

Fix: Standardise to lowercase for all UTM values. Enforce this with a UTM builder spreadsheet or URL builder tool. In GTM, use a variable to force toLowerCase() on UTM parameters before they're sent to GA4.
07
Missing Consent Mode v2 for EEA traffic
Critical

Google's Consent Mode v2 became mandatory for EEA traffic in March 2024. Without it, GA4 cannot model conversions for users who decline cookie consent — meaning you have a legal compliance gap and your conversion data is understated for all EU/EEA visitors. Properties running Google Ads without Consent Mode v2 active are also at risk of losing ad personalisation features.

Fix: Implement Consent Mode v2 via your CMP (OneTrust, Cookiebot, CookieYes, etc.) or manually via GTM using gtag consent commands. Verify implementation by checking Admin → Data Streams → Consent Overview or using the Consent Mode debugger in GTM Preview.
08
Purchase events missing required parameters
Critical

GA4's purchase event requires specific parameters for e-commerce reporting to work correctly: transaction_id, value, currency, and the items array. Missing any of these means revenue data is incomplete, e-commerce reports are unreliable, and Google Ads ROAS calculations are wrong.

Fix: Use GTM Preview or GA4 DebugView to inspect your purchase event. Verify all four required parameters are present with non-empty values. Common culprit: currency omitted entirely, or transaction_id being dynamic and occasionally returning undefined.
09
Custom dimension quota nearly exhausted
Medium

GA4 gives you 50 custom dimension slots per property. Once full, you cannot add new ones without deleting existing ones — and deleting a custom dimension removes it from all historical reports. Properties that have grown organically over time often discover they're at 45+ of 50 with no clear picture of which dimensions are still in use.

Fix: Admin → Custom Definitions → audit each dimension. Delete any that haven't received data recently or are clearly legacy. Document what each remaining dimension is for. Leave yourself headroom — treat 80% capacity as a warning threshold.
10
Cross-domain tracking not configured
Medium

If your funnel spans multiple domains — a main site plus a separate checkout domain, a subdomain on a different TLD, or a booking platform — GA4 will create a new session every time a user crosses domain boundaries, breaking attribution and inflating session counts.

Fix: Admin → Data Streams → Configure Tag Settings → Configure Your Domains. Add all domains that are part of your user journey. GA4 will then pass the client ID across domain transitions automatically.
11
No BigQuery export configured
Medium

GA4's interface limits how far back you can query, applies sampling to large reports, and aggregates data in ways that make certain analyses impossible. BigQuery export gives you raw, event-level, unsampled data going back as far as you've exported — but only from the point you enable it. You cannot retroactively export historical data.

Fix: Admin → BigQuery Links → Link. The free tier of BigQuery handles most properties comfortably. Enable daily export at minimum. Enable streaming export if you need real-time data access.
How many of these does your property have? The average GA4 property we audit has 4–6 of these issues present simultaneously. Most have been there since the property was set up. Our automated audit checks all of these — and 36 more — in under 60 seconds.

Run the audit automatically

Finding these issues manually requires Admin access, knowledge of where each setting lives, and time. Our automated tool checks all 47 issues in under 60 seconds and gives you a prioritised PDF report with specific fixes for everything it finds.

Run your GA4 audit — $179 →

Travis Gunn
Travis Gunn
Founder of GA4 Health Check. Working with Google Analytics since 2013, with over 250 clients audited across almost every industry vertical. 100% Job Success on Upwork for over a decade.