If you have an existing site — for example a shop, or a static site hosted elsewhere — Ghost can be run from a separate location e.g. yourdomain.com/blog otherwise known as a subdirectory.

Subdirectory installs are supported at the Business plan level and require a custom nginx or apache configuration that follows reverse proxy rules. In addition to a proxy, you must also contact [email protected] to indicate the subdirectory path to be used with your publication.

Reverse proxy rules

Follow these rules to create a valid reverse proxy to Ghost(Pro). You can use the same setup to proxy if you don't need a subdirectory as well.

1. Provide a certificate & serve HTTPS traffic.
Only HTTPS traffic is supported.

2. Redirect non-HTTPS traffic to HTTPS.
It's more performant for this to be configured at the proxy level.

3. Proxy to your ghost.io subdomain, leaving it set as the HOST header.
Required to get through our security layer.

4. Have an X-Forwarded-Host header that matches the custom domain in my.ghost.org.
Without this, your blog will redirect to your ghost.io subdomain, causing a loop.

5. Include the X-Forwarded-Proto header set to https not http.
Without this your blog will redirect to https, causing a loop.

6. Include the X-Forwarded-For header, populated with the remote IP of the original request.
Without this, we aren't able to detect spam traffic patterns and your site risks being rate limited or incorrectly restricted.

7. Pass through all requests with the correct methods and headers
Your proxy must forward all HEAD, GET, POST, PUT and DELETE requests to your host with the request method, headers, and response intact, and must also pass through all standard HTTP headers and any x-ghost headers, including Authorization and set-cookie.

Example configurations

The following configurations show how to setup a reverse proxy for a subdirectory.

Troubleshooting

These configurations are only guaranteed to work in isolation. If you have any pre-existing top-level domain config, this could override the subdirectory. To troubleshoot any issues, review your top-level domain config for conflicts.

Verification

To ensure your proxy is sending the correct headers use the following curl command:

curl -IL -H 'x-ghost-proxy:true' https://<your domain here>/<subdirectory>

If your proxy is correct you’ll see a response header of x-ghost-proxy set to VALID. If an invalid header is detected, you will see INVALID next to it.  This command only verifies headers and does not check that all traffic is being routed correctly.

Once your proxy is configured, we recommend verifying the following things, to ensure the proxy is working fully:

  • Login to https://<your domain here>/<subdirectory>/ghost/
  • Upload an image
  • Create and schedule a post
  • Delete a post
  • See changes reflected in the sitemap at https://<your domain here>/<subdirectory>/sitemap.xml