Ghost is open source software, and can be installed and maintained relatively easily on just about any VPS hosting provider. Additionally, we run an official PaaS for Ghost called Ghost(Pro), where you can have a fully managed instance set up in a couple of clicks. All revenue from Ghost(Pro) goes toward funding the future development of Ghost itself, so by using our official hosting you’ll also be funding developers to continue to improve the core product for you.
Ghost(Pro) vs self-hosting
A common question we get from developers is whether they should use our official platform, or host the codebase on their own server independently. Deciding which option is best for you comes with some nuance, so below is a breakdown of the differences to help you decide what will fit your needs best.| Ghost(Pro) official hosting | Self-hosting on your own server | |
|---|---|---|
| Product features | Identical | Identical |
| Base hosting cost | From $15/mo | From $10/mo |
| Global CDN & WAF | Included | From $20/mo |
| Email newsletter delivery | Included | From $15/mo |
| Analytics platform | Included | From $10/mo |
| Full site backups | Included | From $5/mo |
| Image editor | Included | From $12/mo |
| Payment processing fees | 0% | 0% |
| Install & setup | ✅ | Manual |
| Weekly updates | ✅ | Manual |
| Server maintenance & updates | ✅ | Manual |
| SSL certificate | ✅ | Manual |
| 24/7 on-call team | ✅ | ❌ |
| Enterprise-grade security | ✅ | ❌ |
| Ghost product support | Forum | |
| Custom edge routing policies | ❌ | ✅ |
| Direct SSH & DB access | ❌ | ✅ |
| Ability to modify core | ❌ | ✅ |
| Where the money goes | New features in Ghost | Third-party companies |
Which option is best for me?
Self-hosting
Best for teams who are comfortable managing servers, and want full control over their environment. There’s more complexity involved, and you’ll have to pay for your own email delivery, analytics and CDN — but ultimately there’s more flexibility around exactly how the software runs.For heavy users of Ghost, self-hosting generally works out to be more expensive vs Ghost(Pro), but for lightweight blogs it can be cheaper.
Ghost(Pro)
Best for most people who are focused on using the Ghost software, and don’t want to spend time managing servers. Setting up a new Ghost site takes around 20 seconds. After that, all weekly updates, backups, security and performance are managed for you.If your site ever goes down, our team gets woken up while you sleep peacefully. In most cases Ghost(Pro) ends up being lower cost than self-hosting once you add up the cost of the different service providers.
Self-hosting details & configuration
Ghost has a small team, so we optimize the software for a single, narrow, well-defined stack which is heavily tested. This is the same stack that we use on Ghost(Pro), so we can generally guarantee that it’s going to work well. To date, we’ve achieved this with our custom Ghost-CLI install tool and the following officially supported and recommended stack:- Ubuntu 24
- Node.js 22 LTS
- MySQL 8.0
- NGINX
- Systemd
- A server with at least 1GB memory
- A non-root user for running
ghostcommands
Social Web (ActivityPub) and Web Analytics (Tinybird)
In Ghost 6.0 we’ve launched two significant new features. To achieve this whilst keeping Ghost’s core architecture maintainable, we’ve built them as separate services. These services are Open Source and can be self-hosted, however we are moving towards modern docker compose based tooling instead of updating Ghost CLI. Anyone can use our Ghost(Pro) hosted ActivityPub service (up to the limits below), regardless of how you host Ghost. If you want to fully self-host the social web features or you want to self-host Ghost with the web analytics features you’ll need to try out the docker compose based install method. This method is brand new and so we’re calling it a preview. See self-hosting guides & instructions →Hosted ActivityPub Usage Limits
Self-hosters are free to use the hosted ActivityPub service, up to the following limits:- 2000 max. followers
- 2000 max. following
- max. 100 interactions per day (interactions include: create a post/note, reply, like, repost)
Server hardening
After setting up a fresh Ubuntu install in production, it’s worth considering the following steps to make your new environment extra secure and resilient:- Use SSL - Ghost should be configured to run over HTTPS. Ghost admin must be run over HTTPS.
- Separate admin domain - Configuring a separate admin URL can help to guard against privilege escalation and reduces available attack vectors.
- Secure MySQL - We strongly recommend running
mysql_secure_installationafter successful setup to significantly improve the security of your database. - Set up a firewall - Ubuntu servers can use the UFW firewall to make sure only connections to certain services are allowed. We recommend setting up UFW rules for
ssh,nginx,http, andhttps. If you do use UFW, make sure you don’t use any other firewalls. - Disable SSH Root & password logins - It’s a very good idea to disable SSH password based login and only connect to your server via proper SSH keys. It’s also a good idea to disable the root user.