Obrigado @NateDhaliwal, algumas boas sugestões.
Alternar essa configuração e recarregar não faz diferença.
Não consigo acessar o modo de segurança de forma alguma - https://discourse.nzarchiteure.net.nz dá um aviso de link quebrado no meu navegador (assim como http://discourse.nzarchiteure.net.nz)
Certamente há erros nessa página - sugerindo que o diálogo de login está por algum motivo tentando referenciar uma mistura de URLs baseadas em https e http para seu conteúdo.
(index):365 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure font 'http://nzarchitecture.net.nz/fonts/JetBrainsMono-Regular.woff2?v=0.0.19'. This request has been blocked; the content must be served over HTTPS.
(index):365 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure font 'http://nzarchitecture.net.nz/fonts/JetBrainsMono-Bold.woff2?v=0.0.19'. This request has been blocked; the content must be served over HTTPS.
app.js:297 ℹ️ Discourse v2025.12.0-latest — https://github.com/discourse/discourse/commits/4e84c286d6 — Ember v6.6.0
content.js:18 [Form Persistence] Inicializando a extensão de persistência de formulário...
content.js:868 shouldRun: false
(index):1 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure favicon 'http://nzarchitecture.net.nz/uploads/default/optimized/1X/f194d3ff8870aa98f79a9aef41a5d954c243aef6_2_32x32.png'. This request has been blocked; the content must be served over HTTPS.
content.js:13 [Form Persistence] Dados obtidos do armazenamento: Object
content.js:18 [Form Persistence] Persistência de formulário não ativada na página atual
(index):1 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure element 'http://nzarchitecture.net.nz/uploads/default/original/1X/5d5ed6d82ef2bd08985655747ca1f2d08e94ac0e.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
(index):1 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure image 'http://nzarchitecture.net.nz/uploads/default/original/1X/5d5ed6d82ef2bd08985655747ca1f2d08e94ac0e.png'. This request has been blocked; the content must be served over HTTPS.
(index):1 Mixed Content: The page at 'https://nzarchitecture.net.nz/' was loaded over HTTPS, but requested an insecure element 'http://nzarchitecture.net.nz/uploads/default/optimized/1X/f194d3ff8870aa98f79a9aef41a5d954c243aef6_2_512x512.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
content.js:18 [Form Persistence] Comando de verificação de status recebido
content.js:13 [Form Persistence] Dados obtidos do armazenamento: Object
content.js:18 [Form Persistence] Estado da página atualizado: Object
Eu também não sei de onde vêm aqueles caracteres chineses entre os avisos do console, e se eles são motivo de preocupação? O site em si foi criado em inglês e não tem outras traduções configuradas.
Como faço para dizer ao Discourse para carregar imagens apenas via https?