ISTM that www.pencil2d.org is available via HTTPS (despite being no HSTS header nor redirect), which is cool
But my browser gives me a “mixed content” warning due to an image not loaded over HTTPS:
devicepx-jetpack.js?ver=201731:28 Mixed Content: The page at 'https://www.pencil2d.org/forums/forum/website/' was loaded over HTTPS, but requested an insecure image '/uploads/default/original/1X/5f880e434d38bf61f8f2b1896c99dccd38fa9055.png'. This content should also be served over HTTPS.
That’s probably due to the wordpress configuration hardcoding http:// somewhere, IMHO it would be nice to have it cleared
mattia, https-everywhere supported ^^