Inboard

← Inboard blog

Where to put your tracking script on Squarespace

By Coconut5 min read

Short answer: Settings → Advanced → Code Injection → Header. Paste the <script> tag in that box. Save. Reload your public site in an incognito tab. The script now runs on every page.

If that worked — close the tab, you're done. If it didn't, the next 1,200 words are for you.

Why "header" is a trick question on Squarespace

The docs your analytics vendor gave you probably say something like "paste this in the <head> of your site." On a hand-coded site you'd open an HTML file and find the <head> tag. Squarespace doesn't let you open an HTML file. It doesn't even show you one.

Instead, Squarespace has a feature called Code Injection, which is the closest thing it has to letting you edit the <head>. It lives in a different place depending on which version of Squarespace you're on, and that is what makes this a trick question. Three common mis-pastes:

  • Pasting into a Code Block on a page. A Code Block runs code on that one page, in the body, not the head. Your script fires only when a visitor hits that page. If they land on any other page, nothing fires.
  • Pasting into a Markdown block, or the page's description field. These are content surfaces. They strip or escape HTML. Your script never runs at all.
  • Pasting into the Footer Code Injection box. Some scripts are fine in the footer; many need to be in the head to catch the page load. Mixing these up is one of the three or four most common support tickets for every analytics tool.

The box you want is called Header and it's in the site-wide settings — not on any one page. Below is the exact click-path for both current versions of Squarespace.

Click path — Squarespace 7.1 (the version new sites launch on)

  1. Log in to your Squarespace site.
  2. In the left-hand sidebar, click Settings.
  3. Scroll down, click Developer ToolsCode Injection. (On older 7.1 themes this item is labelled Advanced → Code Injection — same destination.)
  4. You'll see three text boxes: Header, Footer, and (on Commerce plans) Order Status Page.
  5. Paste your tracking script into the Header box.
  6. Click Save in the top-left corner.
  7. Open your live site in an incognito / private window and reload.

The script now runs on every public page. It does not run inside the Squarespace editor preview — that's intentional, so your dashboards aren't polluted with your own editing sessions.

Click path — Squarespace 7.0 (older sites, Classic themes)

  1. Log in to your Squarespace site.
  2. In the left-hand sidebar, click Settings.
  3. Click AdvancedCode Injection.
  4. Paste the script into the Header box.
  5. Click Save.
  6. Reload the public site in an incognito tab to verify.

The boxes are visually almost identical between 7.0 and 7.1; the difference is only how you navigate to them. If you're not sure which version you're on, Squarespace's help docs have a good rundown.

How to tell if it actually fired

"I pasted it, I saved it, nothing happened" is the second-most-common support ticket. Nothing looking different doesn't mean nothing did happen. Here's how to check.

Open your live site in an incognito window. Right-click anywhere, choose Inspect (or press F12). Open the Network tab. Reload the page.

In the Network tab, type the domain of your analytics provider into the filter bar — e.g. plausible, posthog, mixpanel, ga.js, whatever applies. You should see at least one request go out. If you do, the script is loading.

For a stricter check, go to the Console tab and type the name of the global your script defines — for most analytics libraries, something like window.plausible, window.posthog, or window.gtag. If the global is defined, the library loaded and initialised. If undefined, the script either didn't load, or it loaded but crashed before initialising (check the Console for a red error).

If neither works, the three most likely causes, in order of frequency:

  1. You pasted into the wrong box. Re-check step 4 above.
  2. You forgot to click Save. It happens more than you'd expect.
  3. Your script has a syntax error that Squarespace accepted as text but the browser rejects. Open the live page's View Source and look at what actually got rendered — if it's mangled, your script had a character Squarespace escaped.

One Squarespace-specific gotcha: the editor preview

Squarespace shows you your site in an embedded preview when you're logged in as the editor. Your script does not run in that preview. If you test your tracking by looking at the editor preview, you will always see zero events and conclude it's broken. It isn't — it's just that the preview strips code injection deliberately.

Always test in an incognito or private window where you're not logged in to Squarespace.

What this doesn't cover

A few adjacent things that are not this post:

  • Squarespace Commerce order status page. If your script needs to fire after checkout, you'll paste it into the Order Status Page box instead of / in addition to Header. That box only appears on Commerce plans.
  • Member Areas. Pages behind a Squarespace Member Area login are a separate surface. Test your Member Area pages separately — Squarespace scopes some scripts out of auth-gated pages.
  • Per-page code injection. Individual pages can have their own head code in Page Settings → Advanced → Page Header Code Injection. This is rare and usually a bad idea — page-level scripts fight the site-wide ones and cause double-firing. Stick with site-wide Header unless you have a specific reason.
  • Squarespace's built-in Google Analytics setting. On some plans Squarespace gives you a GA4 measurement-ID field in a different settings menu. That path adds its own wrapper and sometimes conflicts with a hand-pasted GA script. Pick one or the other.

Why your users shouldn't have to read this

If you're a SaaS founder reading this with a sinking feeling — because right now your users are out there, trying to figure out on their own what we just spent 800 words explaining — you're in the right place for a different reason.

The install step your users hit is full of platform quirks like the one above. Old-Squarespace-vs-new-Squarespace, Code Block vs. Code Injection, editor-preview-doesn't-fire. Every one of those is a support ticket waiting to happen, or — worse — a user who never opens a ticket because they just close the tab.

We built Inboard for exactly this shape of problem. Your users drop into a widget on your dashboard that walks them through the install on their platform with their click path and verifies the script fired before they close the tab. If you ship a tool your users install on Squarespace (and Webflow, and WordPress, and Wix, and all the other site builders this guide doesn't cover), this is the page for you.

If you're the user — you got what you needed above. Close the tab. The script's running.

References