My blog is hosted on Azure Web Pages. A few months ago I decided to use SSL on it because I can get a free SSL certificate from "Let's Encrypt" website .
Change URL in configSimple change URL in config.js generates the following error:
Too many redirects Why? As you probably know, Ghost is a node.js app. Azure IIS, in this case, is a reverse proxy server. It is working on localhost with http . Moreover, Ghost has the build-in check for SSL. But it doesn't know anything about the reverse proxy. And it checks http://127.0.0.1:[process.env.PORT] instead of https://stapp.space in my case. Bad fixWhen first time I had above error. I found a simple fix: rewrite all URL in the web.config from http to https . And it was working like a charm. The rule was more or less like below:
<rule name="ForceSSL" stopProcessing="true"> <match url="(.*)" /> <conditions> <add input="{HTTPS}" pattern="^OFF$" /> </conditions> <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="Permanent" /> </rule>But this ends with bellow problems:
my web page generates all URLs starting with http . So almost every user click was redirected without a reason. on RRS feed I had the same problem. Firefox shows warnings on my page only because of above SearchingOn Google search, I found Tom SSL blog with an article about this problem . But he suggests changing a function inside Ghost. This function is function isSSLrequired(isAdmin) .
After applying this solution, on every Ghost upgrade, I will have to remember about above fix. No way.
Then, I found the second solution. But it applies only to NGIX and Apache: https://github.com/TryGhost/Ghost/issues/2796
And this gave me a clue.
Good fixTo add the X-Forwarded-Proto header in IIS configuration, I need one line in iisnode.yml :
enableXFF: trueThe iisnode.yml file is side by side with web.config.
Now put correct URL in your config.js . Restart web page and it is working like a charm.
p.s.You can also follow me on Twitter , where I can share a variety of good information on entrepreneurship and technology with you.