diff --git a/www/conservancy/middleware.py b/www/conservancy/middleware.py
index 87dec7a827443c6fe7b66d4bbe96fe441eff1766..2ea8d00a6f9e8577e9958e46101fce35f6235cc8 100644
--- a/www/conservancy/middleware.py
+++ b/www/conservancy/middleware.py
@@ -13,6 +13,11 @@ class ForceCanonicalHostnameMiddleware(object):
         * adds cache headers to provide hints to squid
         """
 
+        # Never allow connection to the /admin part of the site without SSL
+        if (not request.is_secure) and request.path.startswith('/admin'):
+            url = 'https://sfconservancy.org%s' % request.path
+            return http.HttpResponseRedirect(url)
+
         # Check for a redirect based on settings.APPEND_SLASH
         host = http.get_host(request)
         old_url = [host, request.path]