When I have set such settings in file sites/default/settings.php on one of my Drupal7 websites:
$base_url = 'https://shkodenko.com'; // NO trailing slash! $conf['https'] = TRUE;
Users, after log in (if logged in from plain HTTP /user/login form) has started to see 403 forbidden error.
To fix it I have added such rules to main .htaccess file:
# Force SSL for user login
RewriteCond %{REQUEST_URI} ^/user/login
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://%{HTTP_HOST}/$1 [R=301,L]
This has fixed the issue.
