Cloudflare Workers + an affiliate widget: the cleanest way to monetize geo-blocked traffic in 2026
If your site already runs on Cloudflare, monetizing blocked traffic is a five-line Worker change. Here's the pattern, the gotchas, and the eligibility-aware overlay it ships with.
Cloudflare's edge gives you everything you need to detect and act on geo-blocked traffic before the page even renders. Combined with an eligibility-aware overlay like ReTarget.gg, you can flip a per-region revenue line on without touching your origin.
This is the pattern we recommend.
The 30-second mental model
Visitor → Cloudflare edge → Worker checks region → Origin (with overlay key)
↘ ↑
(no origin) ↑
|
ReTarget overlay rendered at edge
The Worker decides whether the visitor is eligible for your product. If they're not, you can either:
- Pass through to origin and let the ReTarget script tag detect & monetize on the client (simplest).
- Inject the overlay at the edge via HTMLRewriter, so blocked visitors never even hit your origin (cheapest at scale).
Pattern 2 saves origin bandwidth on every blocked impression. For a site doing seven-figure pageviews from blocked geos, that's measurable.
The edge-injection pattern
Here's the minimal Worker:
// worker.ts
const RETARGET_SCRIPT = `
<script>
(function () {
var s = document.createElement('script');
s.src = 'https://cdn.retarget.gg/widget.js';
s.async = true;
s.setAttribute('data-pub', 'YOUR_PUBLIC_KEY');
s.setAttribute('data-website', 'YOUR_WEBSITE_KEY');
(document.head || document.documentElement).appendChild(s);
})();
</script>
`;
const ALLOWED = new Set(["GB", "DE", "CA", "IE"]); // your licensed regions
export default {
async fetch(request: Request): Promise<Response> {
const country = request.cf?.country ?? "XX";
const upstream = await fetch(request);
if (ALLOWED.has(country)) {
return upstream; // pass through
}
return new HTMLRewriter()
.on("head", { element: (el) => el.append(RETARGET_SCRIPT, { html: true }) })
.transform(upstream);
},
};That's it. Cloudflare gives you request.cf.country for free, you check it against your licensed-region set, and only inject the script for blocked visitors. In-region visitors get the unmodified origin response.
Why edge-side instead of client-side detection
You can ship the script on every page and let the client-side widget detect blocked visitors. That's the default install pattern. It works fine. But for high-traffic sites:
- Edge-side detection avoids loading the widget for in-region visitors. Saves ~14 KB per session.
- Edge-side is harder to block with adblockers. The widget is injected as inline HTML into your origin response, not loaded as a third-party script.
- You can pre-decide the auction context. Pass
data-region,data-vertical, etc. as attributes from the Worker.
The eligibility check still happens at auction time
A common worry: if the Worker injects the script for any blocked visitor, won't unlicensed-region visitors see ineligible offers? No — the eligibility engine runs server-side at auction time. The Worker just injects the script; the script asks api.retarget.gg for an eligible offer; the API only returns offers from advertisers licensed in the visitor's region. Worst case, the API returns no offer and the overlay never renders.
When to not use this pattern
- You don't already use Cloudflare. Don't migrate just for this. The client-side pattern is fine.
- You have aggressive caching at the edge. HTMLRewriter doesn't compose with Workers Cache 1:1; test before shipping.
- You serve dynamic per-user content from origin. The Worker still calls origin; you're not bypassing it.
For a deeper walk-through, see Cloudflare integration recipe.
Where to start
- Get your public + website keys from the dashboard.
- Read Quickstart to understand the script.
- Drop in the Worker above.
- Watch Analytics for the first 1,000 blocked impressions.
If you want help wiring this for a specific stack, contact the team.
Ready to monetize blocked traffic?
Two-minute install, free for publishers. The network handles eligibility, advertiser demand, and payouts.