HTTPS works but canonical links are still pointing to HTTP


I’m using Ghost 2 and the installed URL is

If you can see the source of the webpage, the canonical urls are pointing to which is incorrect. The reason is that the value of url config is but if I update it to it doesn’t work since Ghost doesn’t support SSL itself. When I point url to HTTPS and try to load the url, it redirects to which is the source url and it doesn’t load since it doesn’t support SSL.

I need to use NGINX to be able to install it to our landing page without messing up the homepage. Any suggestions?


When you configure Ghost to use an SSL url, you need to make sure nginx is configured to tell ghost it terminated the SSL connection. It sounds like you’re using a custom nginx configuration - can you check that the nginx rules in the template are present in your /blog nginx config?


@vikaspotluri123 thanks for the answer. We actually switched to Netlify recently and here is the redirects rule that we’re using:

  from = "/blog/*"
  to = ""
  status = 200
  headers = {X-Forwarded-For = "", X-Forwarded-Proto = "https", Host = "", X-Real-IP: ""}
  force = true

The url setting of the Ghost is also updated and unfortunately redirects to at the moment even though the value of Ghost settings url is

How does Nginx tell Ghost that it terminated the SSL connection? I can set new headers as you can see in Netlify redirects but I still couldn’t figure out how to do it without using Nginx.


What netlify means by redirect is sending your user from one location to another - for example, =>

Netlify does not work as a reverse proxy, which is what nginx is used for, and what you’re trying to do. For /blog/, your redirect should just contain

from = "/blog/*"
to = ""

But you should be aware that it’s not possible to point a domain to 2 separate locations (i.e. netlify AND your ghost instance)


I have the same setup: ghost not using HTTPS. But HTTPS really is a requirement nowadays, especially with chrome not serving or complaining about http.
So I use cloudflare to do SSL offloading. Setup a free cloudflare account, configure DNS, then have cloudflare provide HTTPS, but connect http only to your blog.


Do you mind sharing the blog url with me? If you’re using HTTP in Ghost setting called url, that’s also not optimal since in HTML source Ghost will use HTTP canonical links.


I use docker, so when I start the container, I specify url as http, like this:

docker run -d --name ghost-v2.1.3-1 -p 4431:2368 --restart always -v /home/yusufm/gitwork/ghost-data-v1:/var/lib/ghost/content -e url= ghost:2.1.3

That will expose everything as HTTP, so you dont need to worry about certs and SSL.
Then setup your domains on CloudFlare, and under crypto, set:
SSL: Flexible
Always use HTTPS: On

This will then make all requests to your domain reach cloudflare. CF will use Flexible SSL, so everything to CD will be HTTPS, but plain HTTP to your ghost server:

And with Always use HTTPS, CF wil convert even non-HTTPS to HTTPS:


Hey there, I have looked into your blog but it looks like the canonical links are still pointing to the HTTP. I started to believe that the maintainers intentionally made it hard to maintain your own Ghost instance. Even though the software itself is cool, they don’t support Docker officially, it doesn’t play well with Heroku or any system other than custom Nginx. All that makes sense since they want to monetize their software and make money from their managed solution. However; I can’t afford $200 plan and I don’t think it’s worth that much.

I moved all the posts to Hugo, installed Ghost theme ( setup as an admin panel and now we have in static pages hosted on Netlify for free.

For the record, we were paying $29 to Ghost previously.