diff --git a/.gitignore b/.gitignore
index 6fd0a37..4c4201d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,3 +39,4 @@ luac.out
 *.x86_64
 *.hex
 
+/.idea/
diff --git a/README.md b/README.md
index db30c55..16bc3b3 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Then in the kong.yml add
 
 ```
 custom_plugins:
-  - http-to-https-redirect
+  - kong-http-to-https-redirect
 ```
 
 Run kong reload or start and add the plugin as normal.
@@ -21,8 +21,21 @@ Run kong reload or start and add the plugin as normal.
 ### Docker installation
 We recommend using [kong-docker by dojot](https://github.com/dojot/kong). Copy this repo into the plugins directory of that project and build a custom docker image.
 
+## Info
+
+This plugins priority is set to 1500.
+So it is handled after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
+(see last paragraph in [Kongo Plugin Documentation - Custom Logic](https://docs.konghq.com/0.14.x/plugin-development/custom-logic/)).
+
+
+
 ## Configuration
-As yet, we've had no need for any configuration. Raise an issue if there's anything you'd like to see.
+
+* `exclude_uri_pattern`: 
+    When this value is empty, then a redirect is done in every HTTP (not HTTPS) request.
+    When it is set, then the redirect to https is only done when the called URI doesn't match to the Lua pattern in `exclude_uri_pattern`.
+
+Raise an issue if there's anything more you'd like to see.
 
 ## Misc
 
diff --git a/src/handler.lua b/src/handler.lua
index 9b73df5..1e06a72 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -3,15 +3,22 @@ local responses = require "kong.tools.responses"
 
 local HttpFilterHandler = BasePlugin:extend()
 
+-- handle redirect after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
+-- see https://docs.konghq.com/0.14.x/plugin-development/custom-logic/
+HttpFilterHandler.PRIORITY = 1500
+
 function HttpFilterHandler:new()
-  HttpFilterHandler.super.new(self, "http-to-https-redirect")
+  HttpFilterHandler.super.new(self, "kong-http-to-https-redirect")
 end
 
 function HttpFilterHandler:access(conf)
   HttpFilterHandler.super.access(self)
 
-  if ngx.var.https ~= "on" then
-    return ngx.redirect("https://" .. ngx.var.host .. ngx.var.request_uri, ngx.HTTP_MOVED_PERMANENTLY) 
+  if ngx.var.https ~= "on" and ngx.var.http_x_forwarded_proto ~= "https" then
+    local matches_exclude_pattern = conf.exclude_uri_pattern and string.find(ngx.var.request_uri, conf.exclude_uri_pattern)
+    if not matches_exclude_pattern then
+      return ngx.redirect("https://" .. ngx.var.host .. ngx.var.request_uri, ngx.HTTP_MOVED_PERMANENTLY)
+    end
   end  
 end
 
diff --git a/src/schema.lua b/src/schema.lua
index ff2ee2c..0503ceb 100644
--- a/src/schema.lua
+++ b/src/schema.lua
@@ -1,5 +1,6 @@
 return {
   no_consumer = true,
   fields = {
+    exclude_uri_pattern = {type = "string", required = false}
   }
 }