Beginner's Guide to Hosting a Blog on Azure - Part 3
4 min read

Beginner's Guide to Hosting a Blog on Azure - Part 3

Beginner's Guide to Hosting a Blog on Azure - Part 3

This is Part 3 of a 3 part tutorial which deploys a Ghost blog onto an Azure virtual machine, and directs traffic from a domain name (purchased on Google Domains) to the newly created Azure instance.

Part 0 / Part 1 / Part 2 / Part 3


In this section, we'll cover more about Ghost and will configure a free SSL certificate for any static websites you own.

Theming, blog advice, and Ghost tips & tricks

1.  Go to in order to configure setup. Here, you’ll create a site title and the administrator user for your blog. Moving forward, will be where you go to login, update designs, add blog entries, etc.

2.  We’ll leave it to Ghost to teach you how to use their platform. I'll cover some highlights beyond the basics. Follow these docs for setting Ghost up.

Themes –just download the ZIP and import it on the Design menu item. You can always customize the code yourself directly via SSH or by running Ghost locally.

Integrations – I like Amplitude to track web traffic and users. If you do follow Ghost’s instruction guide for Amplitude, you can actually auto-add events by pasting the following line into your theme’s header (ultimately combining step 5 and 6)


This makes it possible to track full user journies:

Amplitude's robust tracking, easily set up with instructions above

Members – you can set up subscription pricing via Stripe and share Members-only posts.

How to change your configured Ghost site URL

If you're running into issues with a misconfigured protocol or domain, you can update it easily with the ghost config command

ghost config url
ghost setup nginx ssl 
ghost restart

How to configure a free SSL certificate on a (non-Ghost) website

1.  First, ensure you can access your virtual machine and can edit files using vim or via a client like Coda. This will be necessary in later steps.

2.  You must also have a domain name purchased, and the A record of your domain name must be pointed to your instance’s public IP address. We covered this earlier in the tutorial.

3.  You must have also copied your application code to a file location, e.g. to /var/www/siteName by using GitHub or some other means. This is left up to you as to how you copy the files—teaching GitHub is another tutorial but is highly recommended.

4.  Start by accessing your virtual machine via SSH or another means.

5.  Assuming this is a new website and is not live, you will first need to create an NGINX configuration for your site to be live without SSL. If the site is already live on Port 80—i.e. you can access it at—you can move to step 10.

cd /etc/nginx/sites-available

6.  Create a new file and paste in the following, replacing /var/www/sitename with the file path to your website and with your domain name.

server {
	listen 80;
	listen [::]:80;
	root /var/www/sitename;

	index index.html index.htm index.nginx-debian.html;

	location / {
		try_files $uri $uri/ =404;

7.     Create a symlink to enable the site on NGINX. Replace filename with the name of the file you created in step 6.

sudo ln -s /etc/nginx/sites-available/fileName /etc/nginx/sites-enabled/

8.     Check the NGINX configuration to ensure there are no errors

sudo nginx -t

9.     Restart the NGINX service

sudo service nginx restart

10.  At this point, you should be able to access your website via—and changes made to the HTML/application on your server should be reflected on the public Internet. If this is not the case, you will be unsuccessful in generating a certificate for the website. For the coming steps, we will be mostly following CertBot’s setup guide, found here.

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
sudo ln -s /snap/bin/certbot /usr/bin/certbot
sudo certbot --nginx

11.  Below is a summary of the questions asked when you run sudo certbox --nginx, and the success scenario—i.e. where your domain name is live on

12.  Lastly, test automatic renewal by typing

sudo certbot renew --dry-run

Setting up Livepatch for your Ubuntu VM

  1. Go to and create an account (select 'Get Livepatch' and 'Ubuntu customer' assuming you used an Ubuntu virtual machine when creating your VM in Part 1.
  2. Log in and generate your token.
  3. To enable live kernel patches on an Ubuntu machine, open a terminal and enter:
sudo snap install canonical-livepatch
sudo canonical-livepatch enable [TOKEN]

Part 0 / Part 1 / Part 2 / Part 3

Enjoying these posts? Subscribe for more