[Phil]

This forum has been running under SSL (https://) for a while now. You may notice that some browsers will tell you that insecure content is being automatically blocked. I'm not sure what it's looking at. There were a handful of http: links (<a> tag) on the page, which I changed to https:, but as far as I can tell, there are no images, CSS files, JS files, etc. using http:. If there are any, they must be inside an https-protected link (which I probably can't get to). So, what browsers are complaining about, I'm not sure. Links to non-SSL pages should not generate such a warning, but who knows. I hope that they are not blindly scanning the page source for http:, even if it's in a posting's text!

One thing that can cause bona fide warnings is user avatars that use a link to your own site, and you are still using http: on them instead of https:. If you have SSL on your site, please modify your avatar and signature blocks to use https: if possible. If you post a link to another page, please use https: if at all possible. It looks better if a browser isn't complaining that content is insecure.

[Phil]

There do appear to be some inconsistencies in the forum's (SMF) handling of internal SSL links, due to the "Search Engine Friendly" links package. Sometimes it seems to force it back to non-SSL (http), especially when moving posts from one board to another. I think it may have something to do with the "topic=XXXX.X" not appearing first in the SEO cache entry. I have tried to fix all places where the URL is built (before being handed over to the SEO package), but possibly I've missed something, or am not understanding fully the cause of the problem. Stay tuned!