diff --git a/index.php b/index.php
index 6019cecd3..36ff74169 100755
--- a/index.php
+++ b/index.php
@@ -55,6 +55,17 @@ if(! $a->install) {
 	call_hooks('init_1');
 	
 	load_translation_table($a->language);
+	// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
+
+	if((! $a->install) && intval($a->config['system']['ssl_cookie_protection'])) {
+		$arr = session_get_cookie_params();
+		session_set_cookie_params(
+			((isset($arr['lifetime']))  ? $arr['lifetime'] : 60*5),
+			((isset($arr['path']))      ? $arr['path']     : '/'),
+			((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
+			((isset($_SERVER['HTTPS'])) ? true             : false),
+			((isset($arr['httponly']))  ? $arr['httponly'] : true));
+	}
 }
 else {
 	// load translations but do not check plugins as we have no database
@@ -73,15 +84,6 @@ else {
  *
  */
 
-// Force the cookie to be secure (https only) if this site is SSL enabled. Must be done before session_start().
-
-$arr = session_get_cookie_params();
-session_set_cookie_params(
-	((isset($arr['lifetime']))  ? $arr['lifetime'] : 60*5),
-	((isset($arr['path']))      ? $arr['path']     : '/'),
-	((isset($arr['domain']))    ? $arr['domain']   : $a->get_hostname()),
-	((isset($_SERVER['HTTPS'])) ? true             : false),
-	((isset($arr['httponly']))  ? $arr['httponly'] : true));
 session_start();
 
 /**
diff --git a/version.inc b/version.inc
index 101a79e18..ecc31a81a 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2014-05-07.668
+2014-05-08.669