I have a few couch sites that are utilizing Cloudflare for SSL. Everything works as it should with regards to https when I first make the switch to Cloudflare. But lately I have been visiting these sites and I get a ton of mixed content errors in the console. They seem to be just image related. Below are the steps I have taken, what I think is happening and wondering how I can fix the issue from occurring:

1. I updated the config file with the code from @cheesypoof here: https://www.couchcms.com/forum/viewtopic.php?f=8&t=7859
2. I turn on SSL and force https at Cloudflare.
3. I make sure that all files, embedded images etc. have an https reference and make sure there aren't any mixed content errors to get the glorious green lock to display.

The problem seems to be when someone logs into the CMS from http and saves anything it updates all of the images that have been uploaded through Couch to have http instead of https. When I login from https and save anything the mixed content errors go away. Somehow the admin doesn't redirect to https. Is there a setting in Couch that I need to change?

You can try defining the URL to your site in the config file using https.

Code: Select all

    // 1.
    // If neccesary, define the full URL of your site including the subdomain, if any.
    // V.IMP: Don't forget the trailing slash!
    define( 'K_SITE_URL', 'https://www.example.com/' ); 

This should force couch to output urls from the CMS as https. If they're updating files such as images in the admin panel this may not work - The best suggestion I have is just to force everyone to use HTTPS always to avoid anyone updating the admin panel from HTTP.

I tried that and I get a too many redirects error.

Did you try to force SSL all the time? How did you try to implement it? Feel free to message me on skype if you need a hand