So we did everything as instucted in both documents.. none corrected the issue. We also use Sucuri for our server protection. Also, our hosting company says not to switch fast cgi as it actually slows the site down. we need a fix!
Force HTTPS under your global configuration's Server tab (System > Global Configuration > Server > Server Settings) to the Entire site. **DONE**
Please check your configuration.php file, the variable $live_site should be empty. If you have any value there, remove it:
$live_site = '' **EXACTLY AS SHOWN HERE**
The problem you are having is caused by your redirection rules (most likely you are redirecting non-www to www or vice-versa), but your $live_site variable does not have the www.
Additionally into .htaccess file please add the below code:
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin 'origin-list'
Header set Access-Control-Allow-Credentials true
</IfModule>
** DONE**
If the above 3 tips will not help, please From cPanel disable mod_security. **TRIED, BUT STILL DID NOTHING**
Set HTTPS as origin URL in MaxCDN setup admin console.
**Not sure where to do this as we do not use MAXCDN, we use Sucuri, if that matters.**
If the above tip will not help, and if PHP is running in FastCGI mode. Switching to CGI mode solves the problem.
Our server is running in this mode also: Server API CGI/FastCGI