So I just launched a Statamic site for a non-profit that sells tickets and takes donations. The ecommerce part is being handled by Bison ( which, btw is awesome, as is the support Jason brings). Since it uses Stripe to handle the payment, i had to enable https and get a cert installed. So far, so good.

However, when the live site is accessed by Firefox browsers, a security warning is seen like so image.jpg.

I contacted the Dreamhost helpdesk about this warning, and they sent me this [link:] (https://support.mozilla.org/en-US/kb/how-does-content-isnt-secure-affect-my-safety?as=u&utm_source=inproduct)

I set up the .htaccess file to force a secure connection when the site is loaded. This is in the .htaccess file before the default Statamic stuff:

# Redirect non-www traffic to www
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

# Force secure https connection
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.not-fo-profit.org/$1 [R,L]

So it appears that the Firefox objection is due to mixed http and https content being served up on a single page. Any .htaccess or Statamic wizards out there who can tell me how to serve up all the content as https?

Answered by Clay Harmon! Go to answer.