PHP: check page is being accessed via SSL/TLS

<?php if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { // Usually this is enough to check that the page is being accessed via SSL } // However, you could also check the port number - by convention it is 443, but it can be configured otherwise if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443) { // Secure... } // Note that being behind a load balancer can affect how to detect SSL