diff --git a/app/controllers/application.rb b/app/controllers/application.rb index 998a009..8f3b759 100644 --- a/app/controllers/application.rb +++ b/app/controllers/application.rb @@ -38,8 +38,9 @@ class ApplicationController < ActionController::Base redirect_to_ssl end def redirect_to_ssl - return true if environment.disable_ssl + return false if environment.disable_ssl redirect_to(params.merge(:protocol => 'https://')) + true end def self.refuse_ssl(*options) diff --git a/app/controllers/public/content_viewer_controller.rb b/app/controllers/public/content_viewer_controller.rb index 37a4763..2dc5ff2 100644 --- a/app/controllers/public/content_viewer_controller.rb +++ b/app/controllers/public/content_viewer_controller.rb @@ -29,8 +29,7 @@ class ContentViewerController < ApplicationController end if !@page.public? && !request.ssl? - redirect_to_ssl - return + return if redirect_to_ssl end if !@page.display_to?(user) diff --git a/test/functional/application_controller_test.rb b/test/functional/application_controller_test.rb index 98dc674..6592b8f 100644 --- a/test/functional/application_controller_test.rb +++ b/test/functional/application_controller_test.rb @@ -356,6 +356,21 @@ class ApplicationControllerTest < Test::Unit::TestCase assert_redirected_to :x => '1', :y => '1', :protocol => 'https://' end + should 'return true in redirect_to_ssl' do + env = mock + env.expects(:disable_ssl).returns(false) + @controller.expects(:environment).returns(env) + @controller.expects(:params).returns({}) + @controller.expects(:redirect_to).with({:protocol => 'https://'}) + assert_equal true, @controller.redirect_to_ssl + end + should 'return false in redirect_to_ssl when ssl is disabled' do + env = mock + env.expects(:disable_ssl).returns(true) + @controller.expects(:environment).returns(env) + assert_equal false, @controller.redirect_to_ssl + end + should 'not force ssl when ssl is disabled' do env = Environment.default env.expects(:disable_ssl).returns(true) 
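Review bot: The caller visible in the first context line of the application.rb hunk ends on a bare `redirect_to_ssl`, so it now returns `false` instead of `true` whenever `environment.disable_ssl` is set. That caller starts outside the hunk; if it is registered as a before filter, verify it on the Rails version in use, because some releases halt the filter chain when a before filter returns `false`, which would leave SSL-disabled installations with an empty response. Discarding the result there and ending that method with an explicit `true` would keep the old behaviour. The new contract also deserves a comment above the method, such as `# Returns true when a redirect to HTTPS was issued (caller must stop); false when SSL is disabled and the request continues over plain HTTP.`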
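Review bot: When `redirect_to_ssl` returns `false`, the `if !@page.public? && !request.ssl?` block in content_viewer_controller.rb now falls through, so a non-public page is served over plain HTTP to any viewer who passes the `display_to?` check that follows. That is presumably the intent for environments with `disable_ssl` set, but the page body and the session cookie then travel unencrypted and nothing in the action records that decision. A comment on the new line would make it explicit: `# SSL disabled for this environment: continue over HTTP; access is decided by display_to? below`. The enclosing action starts and ends outside the hunk.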
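Review bot: The 'return false in redirect_to_ssl when ssl is disabled' test checks only the return value and never asserts that no redirect is issued, which is the property callers now rely on; adding `@controller.expects(:redirect_to).never` before the `assert_equal` would pin it. The first new test stubs `params` as `{}`, so it does not show what the redirect looks like when the request carries keys that `url_for` treats as options. Because `redirect_to_ssl` merges request parameters straight into the redirect options, a request-supplied `:host` may be able to influence the redirect target. A test with such a key in `params`, together with forcing the host in the method (for example `:host => request.host` in the merged hash), would close that gap.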
diff --git a/test/functional/content_viewer_controller_test.rb b/test/functional/content_viewer_controller_test.rb index d971c86..2f3a2a8 100644 --- a/test/functional/content_viewer_controller_test.rb +++ b/test/functional/content_viewer_controller_test.rb @@ -451,4 +451,14 @@ class ContentViewerControllerTest < Test::Unit::TestCase assert_no_tag :tag => 'a', :attributes => {:href => ('/myprofile/' + prof.identifier + '/cms/publish/' + page.id.to_s)} end + should 'deny access before trying SSL when SSL is disabled' do + @controller.expects(:redirect_to_ssl).returns(false) + profile = create_user('testuser').person + profile.public_profile = false + profile.save! + + get :view_page, :profile => 'testuser', :page => profile.home_page.explode_path + assert_response 403 + end + end -- libgit2 0.21.2
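Review bot: Only the denied path is covered here. The case this commit newly allows has no test in this hunk: a viewer who passes `display_to?` and receives the private page over plain HTTP when `redirect_to_ssl` returns `false`. A companion test that authenticates as the profile owner, keeps the same `@controller.expects(:redirect_to_ssl).returns(false)` stub and asserts a success response would pin it. The test name also says access is denied "before trying SSL", while the action calls `redirect_to_ssl` first and denies afterwards; `'deny access to private page when SSL is disabled'` matches what is asserted.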