| title | Hosting Ghost |
|---|---|
| sidebarTitle | Hosting Guide |
| description | A short guide to running Ghost in a production environment and setting up an independent publication to serve traffic at scale. |
Ghost is open source software, and can be installed and maintained relatively easily on just about any VPS hosting provider. Additionally, we run an official PaaS for Ghost called Ghost(Pro), where you can have a fully managed instance set up in a couple of clicks. All revenue from Ghost(Pro) goes toward funding the future development of Ghost itself, so by using our official hosting you’ll also be funding developers to continue to improve the core product for you.
A common question we get from developers is whether they should use our official platform, or host the codebase on their own server independently. Deciding which option is best for you comes with some nuance, so below is a breakdown of the differences to help you decide what will fit your needs best.
| Ghost(Pro) official hosting | Self-hosting on your own server | |
|---|---|---|
| Product features | Identical | Identical |
| Base hosting cost | From $15/mo | From $10/mo |
| Global CDN & WAF | Included | From $20/mo |
| Email newsletter delivery | Included | From $15/mo |
| Analytics platform | Included | From $10/mo |
| Full site backups | Included | From $5/mo |
| Image editor | Included | From $12/mo |
| Payment processing fees | 0% | 0% |
| Install & setup | ✅ | Manual |
| Weekly updates | ✅ | Manual |
| Server maintenance & updates | ✅ | Manual |
| SSL certificate | ✅ | Manual |
| 24/7 on-call team | ✅ | ❌ |
| Enterprise-grade security | ✅ | ❌ |
| Ghost product support | Forum | |
| Custom edge routing policies | ❌ | ✅ |
| Direct SSH & DB access | ❌ | ✅ |
| Ability to modify core | ❌ | ✅ |
| Where the money goes | New features in Ghost |
Third-party companies |
For heavy users of Ghost, self-hosting generally works out to be more expensive vs Ghost(Pro), but for lightweight blogs it can be cheaper.
Best for most people who are focused on using the Ghost software, and don’t want to spend time managing servers. Setting up a new Ghost site takes around 20 seconds. After that, all weekly updates, backups, security and performance are managed for you.If your site ever goes down, our team gets woken up while you sleep peacefully. In most cases Ghost(Pro) ends up being lower cost than self-hosting once you add up the cost of the different service providers.
TLDR: If you're unsure: Ghost(Pro) is probably your best bet. If you have a technical team and you want maximum control and flexibility, you may get more out of self-hosting.
Ghost has a small team, so we optimize the software for a single, narrow, well-defined stack which is heavily tested. This is the same stack that we use on Ghost(Pro), so we can generally guarantee that it’s going to work well.
To date, we've achieved this with our custom Ghost-CLI install tool and the following officially supported and recommended stack:
- Ubuntu 24
- Node.js 22 LTS
- MySQL 8.0
- NGINX
- Systemd
- A server with at least 1GB memory
- A non-root user for running
ghostcommands
Ghost can also run successfully with different operating systems, databases and web servers, but these are not officially supported or widely adopted, so your mileage may (will) vary.
In Ghost 6.0 we've launched two significant new features. To achieve this whilst keeping Ghost's core architecture maintainable, we've built them as separate services. These services are Open Source and can be self-hosted, however we are moving towards modern docker compose based tooling instead of updating Ghost CLI.
Anyone can use our Ghost(Pro) hosted ActivityPub service (up to the limits below), regardless of how you host Ghost. If you want to fully self-host the social web features or you want to self-host Ghost with the web analytics features you'll need to try out the docker compose based install method. This method is brand new and so we're calling it a preview.
See self-hosting guides & instructions →
Self-hosters are free to use the hosted ActivityPub service, up to the following limits:
- 2000 max. followers
- 2000 max. following
- max. 100 interactions per day (interactions include: create a post/note, reply, like, repost)
If your usage exceeds this, you'll need to switch to self-hosting ActivityPub using docker compose.
After setting up a fresh Ubuntu install in production, it’s worth considering the following steps to make your new environment extra secure and resilient:
- Use SSL - Ghost should be configured to run over HTTPS. Ghost admin must be run over HTTPS.
- Separate admin domain - Configuring a separate admin URL can help to guard against privilege escalation and reduces available attack vectors.
- Secure MySQL - We strongly recommend running
mysql_secure_installationafter successful setup to significantly improve the security of your database. - Set up a firewall - Ubuntu servers can use the UFW firewall to make sure only connections to certain services are allowed. We recommend setting up UFW rules for
ssh,nginx,http, andhttps. If you do use UFW, make sure you don’t use any other firewalls. - Disable SSH Root & password logins - It’s a very good idea to disable SSH password based login and only connect to your server via proper SSH keys. It’s also a good idea to disable the root user.
The correct way to scale Ghost is by adding a CDN and caching layer in front of your Ghost instance. Clustering or sharding is not supported. Ghost easily scales to billions of requests per month as long as it has a solid cache.
Whenever running a public-facing production web server it’s critically important to keep all software up to date. If you don’t keep everything up to date, you place your site and your server at risk of numerous potential exploits and hacks.
If you can’t manage these things yourself, ensure that a systems administrator on your team is able to keep everything updated on your behalf.