I have a .htaccess to force HTTPS in a directory. It works fine on the company network. But from outside the network the browser reports a redirect loop. Here's what I've discovered but I don't know where to go from here. On the company network: The 301 Permanent Redirect response header has the location set to https://www.domain.com. Outside the network: The 301 Permanent Redirect response header has the location set to http://www.domain.com Could a proxy server be changing the header before it leaves our network?