Cover image and blog hardening

Well hardening as far as if I should ever get a sudden barrage of users it would hold up on its own. I did some tests with

Using the standard node.js configuration it failed badly. I think I was able to do 50 clients at once with a 3 second response time. Pretty crappy. It handled ok and didn't throw errors but still not very good. Granted I'd probably never hit that anyways. Had to try another approach and that was to try and use NGINX to handle caching as recommended at many places.

My first attempt was a gist I found on github. The problem was that it didn't work. It didn't seem to cache anything sent to nodejs and I honestly don't know why. Probably because proxy_cache is defined outside the location scope?

After this I thought back to another route. For the most part if you have to install a theme on Ghost it requires a restart of the Node.JS server anyways for the GUI to see it. Granted once you get it visible then you normally can switch without issues. If however you don't intend to switch it anytime soon then you can let NGINX access those items directly without issue which is what I ended up doing.

The article is about 2 years old but it gets the job done. Essentially it sets up alias points for content images, assets, public files, and scripts directly on the frontend since NGINX excels at serving static content. After that definitions are setup for Ghost. There is an important bit though. It has an independent one for the admin area. For the most part you don't want to cache that at all since it may cause issues.

However I came across a hiccup when I tried to access the admin area. I got stuck in a look. As far as I can tell the original page didn't account for people to setup https for accessing that area like I do (the main site doesn't need https although you can access it that way if you want...). I made some changes though bringing in from my old config and that got fixed up right away. I do think sending the connection scheme to the nodejs server is what did it since it was probably trying to send http and nodejs kept trying to redirect to https for the admin area.

Anyways here is my current nginx config for ghost if anyone is interested. It isn't anything amazing but it works well for me. Note that this config does have logging enabled for NGINX so there is definitely some double logging going on but the proof it was working was when NGINX was spitting out a crap ton of log entries and virtually none of the hits were making it through to the backend nodejs server. ^_^

Robert Pendell

A techie with several years of private experience in the industry. I've dabbled in many things with tech and server administration. Oh and I love my anime so I might mention it once or twice here.

Newburg, PA, USA