Not long ago, Pantheon announced that HTTPS would be available free of charge for all sites. We recently took advantage of this, and wanted to enforce HTTPS on our WordPress websites without using a plugin (which would force WordPress to bootstrap). Also, remember, on Pantheon you cannot use .htaccess (which is good).

As we write (771b52e), the wp-config.php file in Pantheon’s WordPress contains this section of code dealing with HTTP/HTTPS, which assumes HTTP as the default scheme:

Rather than adding extra code following the templates suggested by Pantheon, what we did was to simply change this section of code so that HTTPS is considered the default scheme, and all non-secure requests would be redirected to HTTPS:

This is how the diff between the two files looks like (click on view raw below to download it):