ShinyProxy behind Nginx reverse proxy with SSL labelled not secure


#1

I have ShinyProxy running behind a Nginx reverse proxy with SSL enabled via Lets Encrypt’s Certbot. I have followed the security guide here: https://www.shinyproxy.io/security/

You can see my site here: [deleted]

Chrome and Firefox give a warning about the site not being fully secure:
image

For the first second or so, it says it is secure, then the status changes to an exclamation mark. Does anyone have any suggestions for how I can debug this? My worry is that ShinyProxy is loading something from an http source (perhaps an image?).

Adding an additional location block to /etc/nginx/sites-available/default, like so:
location /test/ {
alias /var/www/html/;
index index.html index.htm index.nginx-debian.html;
}
gives completely secure access when you visit [deleted], which is evidence for it being specifically to do with ShinyProxy. Edit; now this also shows only partially secure, so it is something to do with nginx. Apparently you can’t delete posts in this forum. But if anyone has any ideas, I’d be grateful. My nginx default is the same as is recommended.


#2

I got this when I used a http url for the logo image.