I'm using the
Loading mixed (insecure) display content "http://anrcho.com/simple_captcha?code=f987a2c87ea145419d79a00d6a257df701e2bea8&time=1465962694" on a secure page
Adding the following lines (as described here) to my
nginx.conf solved the issue of
request.protocol returning the wrong protocol:
proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Ssl on;
As far as the captcha image not loading, whether as secure or insecure content,
imagemagick has to be installed.