PHP: check if SSL is being used

This method should also work on servers behind a load balancer:

$isSecure = false;
 
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
    $isSecure = true;
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && 
          $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || 
          !empty($_SERVER['HTTP_X_FORWARDED_SSL']) &&
          $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') {
 
    $isSecure = true;
}

Related Post