View Site gives "refused to connect"

Hello
I have just installed ghost on my web server and except for one smaller issue it appears to be working well. I can make posts, view them and so on. The small issue is that the site preview at “View site” does not work. Here is a screenshot: Imgur: The magic of the Internet
What can I do to fix this?

Thank you.

Machine: raspberry pi 4 with raspbian
url: https://ghost.heuristics.art/
Ghost-CLI version: 1.13.1
Ghost version: 3.15.2 (at /var/www/ghost)
Browsers tested: chrome&brave
No errors seen in console or error log file
Not sure how to reproduce
my config files: https://textuploader.com/1c6ej

This might be down to your X-Frame-Options, which can prevent your site from appearing in an iframe (which is what this view uses). You can change the value to SAMEORIGIN which will allow Ghost admin to load your site. More details can be found on MDN:

Hope this helps!

Thank you. I think this is the right solution. It made it work in brave on ios and chrome on windows. Brave on windows claims that the x-frame-options are still wrong however, I find that weird, looking at the source with curl -v it looks like it gets set right. Maybe I have a caching issue.

I had previously not tried ghost in microsoft edge, I did now and noticed that the admin (/ghost) page wont load there, just infinite loading wheel, maybe it’s a know bug? (not important for me, I don’t use edge)

Anyway, thank you.

Edit ------
Cleared brave cache, it works now. (i’m happy )

I followed the instructions given and added to my nginx config file at system/files/nginxconfig.file under ghost home folder.

location / {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    add_header X-Frame-Options SAMEORIGIN always;        <<<<<<<<

after restart of nginx, no changes in effect.

did i miss any steps …?

Hey @ravinayag, is this the whole file? Wondering if there’s some missing formatting here

Since its all common , hence I snipped for better view. If you looking for full file… here you go…

server {
    listen 80;
    listen [::]:80;

    server_name blog.mydom.com;
    root /var/www/blog1/system/nginx-root; # Used for acme.sh SSL verification (https://acme.sh)

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:2368;

    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 50m;
}



server {
    listen 443 ssl;
    listen [::]:443 ssl;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;
    ssl on;

    server_name blog.mydom.com;
    error_log /var/log/nginx/blog_error.log;

    root /var/www/blog1/system/nginx-root;
    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        add_header X-Frame-Options SAMEORIGIN always;

        proxy_pass https://127.0.0.1:2368;
        proxy_redirect off;
    }

    location ~ /.well-known {
        allow all;
    }

    client_max_body_size 50m;



    ssl_certificate /etc/letsencrypt/live/mydom.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mydwom.com/privkey.pem; # managed by Certbot
}

Hmm that does appear to be right. Wonder if Ghost itself needs restarting

Was there any special restart apart from ghost restart ?

That should be it, guessing this wasn’t successful?

yes, its not successful… looking for alternate solutions.

You’ve only added the frame options to your HTTPS block, not your HTTP block.

TBH, in 2020, I’d redirect all http traffic to https if I were you and only maintain one config. Less room for bugs and more secure.