[Security] Dynamic non-server content breaking SSL. [HELP]

[Schultz.SF]

This user has been denied support.

Hi all.

I have a MyBB forum which is running SSL via NGINX. SSL is forced through an Nginx configuration.

My issue is that any content that is not hosted on the server itself, such as users who post tutorials and post images which are not on the server (for eg, IMGUR), they break the SSL. SSL is desgined to encrypt data to, and from the server but with users posting images or content that is not on the the server, the SSL breaks and comes up with a sign that not all content is going through SSL.

Is there any way to fix this error? It's pretty serious.

[Cameron:D]

I think the best you can do is suggest they use services that support SSL. Dropbox enforces it, imgur supports it (Maybe a plugin to change all http://i.imgur... URLs to https://i.imgur...).

I guess you could also set up some kind of service to proxy/cache the images and serve them over HTTPS, but that could be open to abuse.

[Nathan Malcolm]

Hi,

The MyBB group offers support under the conditions of our Support Eligibility policy. It is apparent that one or more of your forums do not meet the conditions of our policy and therefore you are ineligible for support. This could be because of adult, piracy or hacking related content or because your forum does not display the minimum “Powered by MyBB” notice.

If you have any questions regarding this policy please post in the Private Inquiries forum.

Regards,
The MyBB group.