Is the check:
if (!isset($_SERVER['HTTPS']) OR empty($_SERVER['HTTPS']))
{
// We are NOT using SSL
}
a fool-proof way of checking if we are NOT using SSL with PHP/Apache?
I understand that IIS sets to 'on/off' but that's irrelevant for me. I am just wondering if I additionally need to check for port 443, etc.