How to Force https with Ghost

Rusted Master padlock hanging on the old chain of a state park gate.
Photo by Meritt Thomas / Unsplash

Alright so I set everything up in my last post and everything was working just fine until I went to set up ghost memberships on and the signup process wouldn't work.

Ghost is using a cool passwordless approach to authentication. That means no passwords for anyone to remember!

It also means that you login with your email only, then you have ten minutes to check your email, and click that email to get the appropriate JSON web tokens (JWT) for authentication.

It's a cool work around for passwords but it turns out it relies strongly on the Stripe and Mailgun integrations to effectively serve the JWT.

I clearly didn't configure my base URL properly and Stripe was refusing the request over http, so I had to find a way to force https.

I was googling and googling and going down a rabbit hole of complexity and things I didn't really want to have to do. Until I luckily stumbled across this documentation that was in front of my eyes the whole time.

It turned out to be a lot simpler than I initially thought it would be. Now I have to double check my Mailgun configuration because the email isn't getting through but that's a new post in the near future.

Here's what I did (you may want to review my last post if it doesn't make sense).

Step 1: Login to Your Droplet/Server

For beginners the '$' in these can be omitted, it's just a common way to write out the input of the terminal.

$ ssh root@your_server_ip

Step 2: Login to the Appropriate User

In that last post my first user was called sammy, and my second user for my second site was named janey but you should replace either with the username that you used to set up the domain you need to change.

If I wanted to change the configuration of my first site it'd look like this:

$ su - sammy

You should see your command line prompt change to something like:


Step 3: Find the Appropriate Domain Configuration

If you know it (I have mine written down) you can simply navigate right into that directory:

$ cd /var/www/<nameofdirectory>

If you forget or simply want to see what domains you have configurations for:

$ cd /var/www

To list the directories on your screen it's a simple command that everyone should know:

$ ls

Step 4: Run the Ghost-CLI Commands

From here on down it's basically just following that ghost documentation:

$ ghost config url https://<yourwebsiteurl>

Then if you didn't set up your ssl in that last article for some reason you'd run:

$ ghost setup nginx ssl

This is to set up the ssl but we already did, so running that command is redundant and won't do anything else.

Step 5: Restart Ghost

Simply run:

$ ghost restart

You'll probably have to enter your user password but seconds later you'll be set.

Wrapping Up

Well that turned out to be a lot easier in the end than I anticipated. That's always a nice surprise. signup is no longer spinning and giving me an error in the developer console.

I get the confirmation that an email was sent:

My new problem is that the email is nowhere to be found!

Time to debug Mailgun...

Darren Beattie

Read more posts by this author.