I transfred my site from godaddy to modx cloud, and got a new SSL. For whatever reason, the site is now pulling up as insecure and I’m starting to scratch my head. I’ve been playing with the htaccess to no avail, and I’ve been checking the old support comments. Any help or ideas would be great thank you.
A browser indicating the site is insecure could also be caused by mixed content; i.e. some content in your site is requested via HTTP instead of HTTPS. View the source of your page and look for anything that starts with http:// and then correct that in your templating to https.
# Tells the browser to always force SSL.
# Do not uncomment this line if there is a chance you will turn off SSL
# add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
if ($host != "www.mydomain.com") {
return 301 https://www.mydomain.com$request_uri;
}
if ($scheme != "https") {
return 301 https://$host$request_uri;
}