Private Site password page looping - how to fix?

Hi, I just deployed ghost on FastComet’s servers (their techs did it) and everything seems to work fine except the Private Site feature.

When I turn the private site on, I get the “This site is private” page. When I enter the password nothing happens. The page just reloads. It will do this until I get the 429 error saying too many attempts. If I put in the wrong password it says so. But the right password doesn’t seem to do anything. I’ve tried this on 4-5 browsers and the same things happen on them all.

FastComet support says it is a bug with the software, but since I have only found one other person with this issue after a lot of searching, I don’t think this is the case. However, I’m at a dead-end in finding out what is going on. Do any of you have a clue as to what might fix this issue?

Oh, and this happens on all of the installations of Ghost on this server, it is not limited to a single instance.

If I open up the console, this is what I see:
/ghost/api/canary/admin/users/me/?include=roles:1 Failed to load resource: the server responded with a status of 403 (Forbidden)
/ghost/#/site:1 Unchecked runtime.lastError: The message port closed before a response was received. Failed to load resource: the server responded with a status of 429 (Too Many Requests)

  • Version 2.37.0
  • Environment development
  • Database sqlite3
  • Mail Direct


I also have some hosting on FastComet. I had the FC help techs update my ghost installer to install the new Ghost Version 3 on my server, so from now on my Ghost installs on FastComet are all v3.

You could do the same – don’t know but maybe that would resolve the problem you are having?

Thanks! I’ll checkout V3.

I forgot to update this thread after it started working - so the techs there, after blaming Ghost for a while, eventually figured it out. I pestered them for a week and had enough of a tech background to figure out it was not Ghost. I had to go through like 5-6 techs until I got one that was able to help. However, they refused to tell me what the fix was (even when I asked 4 times). So it seems like it was something on their end and they didn’t want to share. Anyway - if it happens to anyone else, it is something server side.


Nice update – thanks for stitching it all up!