diff --git a/include/class.config.php b/include/class.config.php
index 0a458764f65986e574a7d18a09d3994541c58443..126c96c900d3aca1955bf4241d8098ebd429bfe2 100644
--- a/include/class.config.php
+++ b/include/class.config.php
@@ -66,11 +66,10 @@ class Config {
             return $this->session[$key];
         elseif (isset($this->config[$key]))
             return $this->config[$key]['value'];
-        elseif ($default !== null)
-            return $this->set($key, $default);
         elseif (isset($this->defaults[$key]))
             return $this->defaults[$key];
-        return null;
+
+        return $default;
     }
 
     function exists($key) {
diff --git a/include/class.osticket.php b/include/class.osticket.php
index 4b064e4ee27539aa17b2d6186821d7937ad164f7..b877527f007638267cab97e5acf7ac4dca4b83f1 100644
--- a/include/class.osticket.php
+++ b/include/class.osticket.php
@@ -352,6 +352,16 @@ class osTicket {
         return null;
     }
 
+    /**
+     * Returns TRUE if the request was made via HTTPS and false otherwise
+     */
+    function is_https() {
+        return (isset($_SERVER['HTTPS'])
+                && strtolower($_SERVER['HTTPS']) == 'on')
+            || (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])
+                && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https');
+    }
+
     /* returns true if script is being executed via commandline */
     function is_cli() {
         return (!strcasecmp(substr(php_sapi_name(), 0, 3), 'cli')
diff --git a/include/class.ostsession.php b/include/class.ostsession.php
index 1bcea436bd0115e957fd2c26da147f445190e63e..7541e19ec04aba50072abb7e495e48725316f5c7 100644
--- a/include/class.ostsession.php
+++ b/include/class.ostsession.php
@@ -21,7 +21,6 @@ class osTicketSession {
     var $id = '';
 
     function osTicketSession($ttl=0){
-
         $this->ttl =$ttl?$ttl:get_cfg_var('session.gc_maxlifetime');
         if(!$this->ttl)
             $this->ttl=SESSION_TTL;
@@ -40,6 +39,7 @@ class osTicketSession {
             register_shutdown_function('session_write_close');
         }
         //Start the session.
+        session_name('OSTSESSID');
         session_start();
     }
 
diff --git a/kb/kb.inc.php b/kb/kb.inc.php
index ed0ab8c21f803473c9a324cf033b235a58fc6f8a..a53c515cb7c90906ec930291b3e07a5ded6a5e95 100644
--- a/kb/kb.inc.php
+++ b/kb/kb.inc.php
@@ -13,7 +13,6 @@
 
     vim: expandtab sw=4 ts=4 sts=4:
 **********************************************************************/
-define('ROOT_PATH','../');
 require_once('../client.inc.php');
 require_once(INCLUDE_DIR.'class.faq.php');
 /* Bail out if knowledgebase is disabled or if we have no public-published FAQs. */
diff --git a/main.inc.php b/main.inc.php
index 062c1d139c52ecee11cb000fa5d16afd03160631..5f07a80e1b77d4026d02780c8f817b6e26aa3e05 100644
--- a/main.inc.php
+++ b/main.inc.php
@@ -34,8 +34,6 @@
     ini_set('session.use_trans_sid', 0);
     #No cache
     session_cache_limiter('nocache');
-    #Cookies
-    //ini_set('session.cookie_path','/osticket/');
 
     #Error reporting...Good idea to ENABLE error reporting to a file. i.e display_errors should be set to false
     $error_reporting = E_ALL & ~E_NOTICE;
@@ -62,7 +60,12 @@
     }
 
     #Set Dir constants
-    if(!defined('ROOT_PATH')) define('ROOT_PATH','./'); //root path. Damn directories
+    $here = substr(realpath(dirname(__file__)),
+        strlen($_SERVER['DOCUMENT_ROOT']));
+    // Determine the path in the URI used as the base of the osTicket
+    // installation
+    if (!defined('ROOT_PATH'))
+        define('ROOT_PATH', str_replace('\\', '/', $here.'/')); //root path. Damn directories
 
     define('ROOT_DIR',str_replace('\\\\', '/', realpath(dirname(__FILE__))).'/'); #Get real path for root dir ---linux and windows
     define('INCLUDE_DIR',ROOT_DIR.'include/'); //Change this if include is moved outside the web path.
@@ -128,6 +131,10 @@
     else
         require(INCLUDE_DIR.'mysql.php');
 
+    #Cookies
+    session_set_cookie_params(86400, ROOT_PATH, $_SERVER['HTTP_HOST'],
+        osTicket::is_https());
+
     #CURRENT EXECUTING SCRIPT.
     define('THISPAGE', Misc::currentURL());
     define('THISURI', $_SERVER['REQUEST_URI']);
diff --git a/pages/index.php b/pages/index.php
index 78c49e73783c608b041f833745f14ba78ad5a2dc..75c5490dd7be32bd7be1de368cefeeee830ec432 100644
--- a/pages/index.php
+++ b/pages/index.php
@@ -15,7 +15,6 @@
     vim: expandtab sw=4 ts=4 sts=4:
 **********************************************************************/
 @chdir(realpath(dirname(__file__).'/../'));
-define('ROOT_PATH','../');
 
 require_once('client.inc.php');
 require_once(INCLUDE_DIR.'class.format.php');
diff --git a/scp/staff.inc.php b/scp/staff.inc.php
index 503c3cd413be64319882c255f9595029cbd0615d..54ff91b9976bc4e3ddbc558e07d5f205c1ee2d06 100644
--- a/scp/staff.inc.php
+++ b/scp/staff.inc.php
@@ -17,7 +17,6 @@ if(basename($_SERVER['SCRIPT_NAME'])==basename(__FILE__)) die('Access denied');
 
 if(!file_exists('../main.inc.php')) die('Fatal error... get technical support');
 
-define('ROOT_PATH','../'); //Path to the root dir.
 require_once('../main.inc.php');
 
 if(!defined('INCLUDE_DIR')) die('Fatal error... invalid setting.');
@@ -64,7 +63,7 @@ if(!$thisstaff || !is_object($thisstaff) || !$thisstaff->getId() || !$thisstaff-
         $msg = $_SESSION['_staff']['auth']['msg'];
         unset($_SESSION['_staff']['auth']['msg']);
     }
-    elseif ($thisstaff && !$thisstaff->isValid())
+    elseif (isset($_SESSION['_staff']['userID']) && !$thisstaff->isValid())
         $msg = 'Session timed out due to inactivity';
     else
         $msg = 'Authentication Required';