diff --git a/settings.py b/settings.py
index 2804def6ec43adbcf1b7ea46a28a1536683126b5..9721d7318a5301cda5bcf3f4b2f82741f7a3da67 100644
--- a/settings.py
+++ b/settings.py
@@ -74,7 +74,9 @@ SECRET_KEY = get_from_env('SECRET_KEY', 'replaceme')
 if (get_from_env('SSL', '0') == '1'):
     SECURE_SSL_REDIRECT = True
     SESSION_COOKIE_SECURE = True
-    SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTOCOL", "https")
+
+    # tuned for Heroku
+    SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
 SESSION_COOKIE_HTTPONLY = True