Ghost Admin Panel Redirecting to Main Page

The Problem:
When I navigate to my homepage, everything works fine, no issues at all. When I navigate to /ghost, however, it briefly displays the admin page without any CSS before quickly redirecting me to: /ghost/#/site with no admin elements displayed (e.g. sidebar). There are 2 scroll bars, one for the homepage, and one for the admin view which primarily shows oversized icons and links without any styling (image). Note: this only happens after I am signed into the admin page. If I clear my cookies, I am presented with the login page to sign in. After signing in, I am redirected.

My Configuration:

  • Running Ghost-CLI version 1.9.1 and Ghost version 2.21.0.
  • Cloudflare <-> Nginx Reverse Proxy (Using Cloudflare’s origin certificate for SSL) <-> Ghost’s Nginx Server
  • Ghost is configured to use https:// (Running ghost config url https://... did not change the Ghost Nginx configuration file, it was still set to port 80, so I made a self-signed certificate that my reverse proxy verified and set the Ghost Nginx server to use port 443… Maybe the problem lies here?)

Questions:

  • Has anyone else done what I am doing (Using Cloudflare’s SSL with a seperate reverse proxy sitting between the internet and Ghost’s Nginx)? Is there a better way to accomplish this?
  • Previous to this specific issue, I was having problems where the Ghost admin page was sending mixed http/https content back to the browser (The homepage was not, however), which made me realize I did not have Ghost configured to use https. I set my Ghost instance URL to use https, and that’s when these issues started happening… Did I miss a step here?

Configurations:

Ghost Nginx Configuration
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name blog.carsonseese.com;
    root /var/www/ghost/system/nginx-root;

    ssl_certificate /etc/nginx/ssl/cloudflare.pem;
    ssl_certificate_key /etc/nginx/ssl/cloudflare.key;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:2368;

    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 50m;
}
Nginx Reverse Proxy Configuration
server {
    server_name blog.carsonseese.com;

    listen 80;
    listen 443 ssl;

    include /etc/nginx/cloudflare-allow.conf;
    deny all;

    ssl_certificate /etc/nginx/ssl/cloudflare/carsonseese.com/pem;
    ssl_certificate_key /etc/nginx/ssl/cloudflare/carsonseese.com/key;

    location / {
                proxy_pass https://192.168.150.17;
                proxy_ssl_trusted_certificate /etc/nginx/ssl/cloudflare/carsonseese.com/pem;
                proxy_ssl_verify off;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_connect_timeout 150;
                proxy_send_timeout 100;
                proxy_read_timeout 100;
                proxy_buffers 4 32k;
                client_max_body_size 50m;
                client_body_buffer_size 128k;
    }

    access_log /var/log/nginx/access.log;

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    }
}

Hey @CS-5 :wave:

If you’re redirected to /ghost/#/site, you’re in the Admin interface (showing your site is a new thing in that was added: https://blog.ghost.org/view-site/). The sidebar should exist where you can navigate to different pages. What exactly are you expecting?

@CS-5 do you have any frame-busting code on your site or via CloudFlare?

If you do then it’s likely busting your site out of the iframe that’s used in the admin which is why you see the admin briefly. The better setup would be to use the X-Frame-Options header rather than an on-page or JS approach.

Whoops! I forgot to mention (will edit my post), no sidebar is shown or anything else in the admin interface. It is as it if just redirected me back to the homepage.

I spoke too soon it appears. I just went back to investigate, and I realized the admin page elements are loading, but clearly there is some Javascript or CSS that is not loading properly (image). There are no errors in the console to indicate that, however.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.