Wanderings.

The force-ssl plugin to WordPress from Almost Effortless, helped me accomplish my goal of having all traffic from justinhaynes.com be over ssl even when people browse here with ordinary http.

In Gallery, I used the code from that plugin:

if($_SERVER["HTTPS"] != "on") {
  $newurl = "https://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
  header("Location: $newurl");
  exit();
}

, by putting it in the gallery directory in a file called ssl_hack.php. Then, in the init.php file in the same directory, around line 48 next to the other requires, I added this line here:

require(dirname(__FILE__) . "/ssl_hack.php");

Getting this to happen on any particular directory can be done by using mod_rewrite. In my httpd.conf for my htdocs directory, I adapted from http://www.webmasterworld.com/forum92/600.htm, and now my Directory section for my DocumentRoot looks like this :

#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
    Options Indexes FollowSymLinks

#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
    AllowOverride AuthConfig FileInfo

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all

# Rewrite all http to https:  JHH 12/24/2005
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteCond %{HTTP_HOST}   !^$
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301]