4
Once i posted a hack to implement SSL in all the XOOPS site -->
https://xoops.org/modules/newbb/viewtopic.php?topic_id=51459&forum=14&post_id=227027#forumpost227027
I think that in your case you shouldn t change the header.php and you should put in every page you want to change, the next code.
if ( !$_SERVER["HTTPS"] && array_search( $_SERVER["REQUEST_URI"] , $secure_page ) != false ){
header("Location: https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);
}