Still getting mixed content warnings

G’day vonodyssey,

When you run the SSL Test tool, what does it recommend for HTTPS Detection?

Tools > SSL Tests

NB: just because you have CloudFront, that doesn’t mean you will be getting the HTTP_CLOUDFRONT_FORWARDED_PROTO header. You need to use the setting recommended by the tool or on the settings page. Most likely, it will be HTTP_X_FORWARDED_PROTO.

CloudFront only forwards the CloudFront-Forwarded-Proto header when you configure it to do so. You would only do that if your site mixed HTTP and HTTPS pages, which you should not be doing on a new website these days. There is no advantage to mixing HTTP and HTTPS any more, unless you have advertisements coming from networks that don’t support HTTPS.

cheers,
Ross

Hi Ross, thanks for the quick reply! I’m actually getting the result

Your server environment shows this:

error

It may be that the godaddy temporary domain & our cloudfront forward don’t work together. We are not mixing http & https pages, all of our content is http. However, we must serve our site from an https site via cloudfront, hence I thought using this tool would be useful.

Have you tried the setting HTTP_X_FORWARDED_PROTO? I’d imagine that’s what CloudFront will be sending. If it isn’t, check your CloudFront settings.

You might need to ask GoDaddy for help on this. They might have settings that prevent access to the test script in the plugin (hence your error response), and might also be messing with the headers coming from CloudFront.

cheers,
Ross

Hi Ross, sadly HTTP_X_FORWARDED_PROTO also hasn’t worked. I’ll check in with godaddy and post in here if theres any resolution.
Thank you!