diff --git a/index.php b/index.php
index de57f1078d..ecbfb3eb7b 100644
--- a/index.php
+++ b/index.php
@@ -266,10 +266,8 @@ function main()
 
     $args = $r->map($path);
 
-    $site_ssl = common_config('site', 'ssl');
-
     // If the request is HTTP and it should be HTTPS...
-    if ($site_ssl != 'never' && !GNUsocial::isHTTPS() && common_is_sensitive($args['action'])) {
+    if (GNUsocial::useHTTPS() && !GNUsocial::isHTTPS()) {
         common_redirect(common_local_url($args['action'], $args));
     }
 
diff --git a/lib/default.php b/lib/default.php
index c17c2e0bf4..dbd3a694c5 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -56,6 +56,7 @@ $default =
               'inviteonly' => true,
               'private' => false,
               'ssl' => 'never',
+              'sslproxy' => false,   // set to true to force GNU social to think it is HTTPS (i.e. using reverse proxy to enable it)
               'sslserver' => null,
               'dupelimit' => 60, // default for same person saying the same thing
               'textlimit' => 1000, // in chars; 0 == no limit
diff --git a/lib/gnusocial.php b/lib/gnusocial.php
index ed87782c47..277c41e7c8 100644
--- a/lib/gnusocial.php
+++ b/lib/gnusocial.php
@@ -426,6 +426,10 @@ class GNUsocial
 
     static function isHTTPS()
     {
+        if (common_config('site', 'sslproxy')) {
+            return true;
+        }
+
         // There are some exceptions to this; add them here!
         if (empty($_SERVER['HTTPS'])) {
             return false;