Self-hosted: forbid "phoning home" (calling and/or


is it possible to prevent the request to and in the admin dashboard?

I understand why these requests are made. But I don’t want these to happen. And in my opinion, it should be up to each user whether they want these requests or not. I haven’t found any setting or documentation about it anywhere. that’s why I ask here :)


1 Like

These requests are necessary to display the information about Ghost in the dashboard (like updates to the platform and new help resources.) They’re getting information, not sending it, so it’s not really phoning home.

Ghost is open source, so you can always modify the codebase to prevent this information from populating the dashboard.

The screenshots confirm these are all GET requests, but they still send the IP address of the blog as part of the HTTP protocol.

1 Like

Hey @RyanF , thanks for your answer.
I know, that I could edit ghost files to prevent calling external resources in the dashboard. But then I have to make these changes again and again after an update. I wish there was an option in the system setting to control displaying external content/resources.
As @markstos pointed out, “Ghost” as an organization can collect and process the client’s IP and browser data user agent, as well as the origin domain via referrer.

And it is not limited to requests to Ghost, but other requests are also made across the Internet:

And all that for information that is not relevant for me and I don’t want.
The embedding of third party content should, as already written, all be optional. I don’t mind opting out instead of opting in, if you think that’s a great feature for the majority of the users…

Is this a dead issue? I realize that you can make code changes to the dashboard to stop these outgoing requests. But it seems like the friendly thing to do would be to add a toggle somewhere for people who need/want to disable these outbound connections. Especially the ones to servers that aren’t to or CDN, although I’d still prefer the option to self host any js or whatever else Ghost may need so I can make it all tidy and self contained without needing to call out.

It seems like the bulk of these external connections are done to populate the extra content in the main dashboard view. “Ghost Resources”, “Featured Publications”, “Ghost Community”, etc.


1 Like

If the devs are taking enhancement suggestions, I would suggest that those outbound calls and the extra content in the dashboard be able to be blocked via configuration. The following stanza should logically block ALL outbound connections like that. Would you consider adding an additional flag so when enabling ‘useTinfoil’ it will also block those outbound connections?

"privacy": {
    "useTinfoil": true

My guess is that you’ll have a faster solution coding it yourself than waiting for the core team to implement it.

The full-time developers are primarily funded through Ghost Pro hosting, and this wouldn’t help the hosting product income.

It also not as easy as “just make a toggle”. Work has to be done to make every one of this assets shipped with the project or disabled. That would involve coordination across multiple other repos. Then this code has to be maintained forever.

That’s why it’s best implemented by someone who has interest and maintain a fork/patch as Ghost evolves.