diff --git a/securepages.module b/securepages.module
index 428ee71..4d48db8 100644
--- a/securepages.module
+++ b/securepages.module
@@ -9,6 +9,16 @@
  * Implementation of hook_boot().
  */
 function securepages_boot() {
+  // Load modules implementing hook_url_inbound_alter().
+  // For some reason drupal doesn't invoke this hook unless modules implementing
+  // it are loaded explicitly. Be sure to keep this list up to date.
+  drupal_load('module', 'url_alter');
+  drupal_load('module', 'subpath_alias');
+
+  // Call bootstrap for path a bit earlier. We want this hook_boot() operate
+  // on normal path, not aliases.
+  _drupal_bootstrap(DRUPAL_BOOTSTRAP_PATH);
+
   $path = isset($_GET['q']) ? $_GET['q'] : '';
   if ($path == 'admin/build/securepages/test') {
     if (securepages_is_secure()) {
@@ -36,29 +46,7 @@ function securepages_boot() {
     return;
   }
 
-  if (!isset($_SESSION['securepages_redirect'])) {
-    securepages_redirect();
-  }
-}
-
-/**
- * Implementation of hook_init().
- */
-function securepages_init() {
-  if (!variable_get('securepages_enable', 0) || basename($_SERVER['PHP_SELF']) != 'index.php' || php_sapi_name() == 'cli') {
-    return;
-  }
-
-  /**
-   * If we have redirected in the hook_boot(). Then don't try to redirect
-   * again. This will prevent a loop
-   */
-  if (!isset($_SESSION['securepages_redirect'])) {
-    securepages_redirect();
-  }
-  else {
-    unset($_SESSION['securepages_redirect']);
-  }
+  securepages_redirect();
 }
 
 /**
@@ -172,7 +160,6 @@ function securepages_redirect() {
 function securepages_goto($secure) {
   global $base_root;
 
-  $_SESSION['securepages_redirect'] = TRUE;
   $path = !empty($_REQUEST['q']) ? $_REQUEST['q'] : '';
   $query = count($_GET) > 1 ? securepages_get_query($_GET) : NULL;
   $url = securepages_url($path, array('query' => $query, 'secure' => $secure));