diff --git a/.htaccess b/.htaccess
index ce35d68..37f1bc8 100644
--- a/.htaccess
+++ b/.htaccess
@@ -3,3 +3,7 @@ RewriteRule ^assets - [L]
 RewriteRule ^.well-known - [L]
 RewriteRule ^data/public/ - [L]
 RewriteRule . index.php
+
+
+ Header always set Content-Security-Policy "upgrade-insecure-requests;"
+
diff --git a/descartes/env.php b/descartes/env.php
index a2e0982..4ac01a2 100644
--- a/descartes/env.php
+++ b/descartes/env.php
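Review bot: In the .htaccess hunk, `Header always set Content-Security-Policy "upgrade-insecure-requests;"` is sent on every response, including installs served over plain HTTP, which descartes/env.php still supports in its `Standard HTTP` branch. On such an install browsers will rewrite asset and form URLs to https and those requests will fail, so the header should be limited to HTTPS responses or the HTTPS requirement documented next to it. The directive only upgrades subresources and same-origin navigations; it does not replace an HTTP-to-HTTPS redirect or HSTS, and a comment such as `# Upgrades page subresources only; does not redirect HTTP or replace HSTS` would make that clear. The two bare `+` lines around the directive look like wrapper tags lost in extraction (presumably an `<IfModule>` guard); if there is no guard, a server without mod_headers will reject the file.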
@@ -5,12 +5,28 @@ * Define Descartes env */ $http_dir_path = '/raspisms'; //Path we need to put after servername in url to access app - $http_protocol = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://'; - $http_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost'; - $http_server_port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80) ? '' : ':' . $_SERVER['SERVER_PORT'] : ''; - $https = $_SERVER['HTTPS'] ?? false; - if ( !isset($_SERVER['SERVER_PORT']) || ($_SERVER['SERVER_PORT'] == 80 && !$https) || ($_SERVER['SERVER_PORT'] == 443 && $https) ) + if ((isset($_SERVER['HTTPS']) && (($_SERVER['HTTPS'] == 'on') || ($_SERVER['HTTPS'] == '1'))) || (isset($_SERVER['HTTPS']) && $_SERVER['SERVER_PORT'] == 443)) { + // Our server uses HTTPS + $https = true; + $http_proxy = false; + $http_protocol = 'https://'; + } elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') { + // We are behind a HTTPS proxy + $https = true; + $http_proxy = true; + $http_protocol = 'https://'; + // Don't bother to advertise port behind a proxy server + } else { + // Standard HTTP + $https = false; + $http_proxy = false; + $http_protocol = 'http://'; + } + + $http_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost'; + + if (!isset($_SERVER['SERVER_PORT']) || ($_SERVER['SERVER_PORT'] == 80 && !$https) || ($_SERVER['SERVER_PORT'] == 443 && $https) || $http_proxy) { $http_server_port = ''; } @@ -19,6 +35,10 @@ $http_server_port = ':' . $_SERVER['SERVER_PORT']; } + $pwd = substr(__DIR__, 0, strrpos(__DIR__, '/')); + $http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path; + + $pwd = substr(__DIR__, 0, strrpos(__DIR__, '/')); $http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path;
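Review bot: The `elseif` branch in the first env.php hunk trusts `X-Forwarded-Proto` and `X-Forwarded-SSL` from any client, so on an install that is reachable directly a request carrying one of these headers sets `$https` and `$http_proxy` and turns `$http_pwd` into an https URL without a port. These headers should be honoured only when `$_SERVER['REMOTE_ADDR']` is a configured reverse proxy; the fence sketches that with a constructed address list that would belong in the app's settings. Two smaller points in the same hunk: the second half of the first condition treats any set `HTTPS` value on port 443 as TLS although some servers report `off`, and the `elseif` mixes `&&` and `||` without parentheses, which works by precedence but is hard to read.

```php
// Constructed example list; the real proxy addresses belong in configuration.
$trusted_proxies = ['127.0.0.1', '::1'];
$from_trusted_proxy = in_array($_SERVER['REMOTE_ADDR'] ?? '', $trusted_proxies, true);
$forwarded_https = ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? '') === 'https'
    || ($_SERVER['HTTP_X_FORWARDED_SSL'] ?? '') === 'on';

// … unchanged: direct HTTPS branch …
} elseif ($from_trusted_proxy && $forwarded_https) {
    // … unchanged: proxy branch body and the plain-HTTP else branch …
```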
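Review bot: The second env.php hunk adds `$pwd = substr(__DIR__, 0, strrpos(__DIR__, '/'));` and the `$http_pwd = …` assignment directly above what appear to be identical existing lines, so both values are computed twice. This looks like a merge or paste leftover; drop the added pair and keep the original two lines. The collapsed layout makes the exact added/context split of the last lines uncertain, but the duplication is visible either way.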