diff --git a/lib/http-proxy/common.js b/lib/http-proxy/common.js
index 225324ebf..a169aafab 100644
--- a/lib/http-proxy/common.js
+++ b/lib/http-proxy/common.js
@@ -134,7 +134,20 @@ common.getPort = function(req) {
 
   return res ?
     res[1] :
-    req.connection.pair ? '443' : '80';
+    common.hasEncryptedConnection(req) ? '443' : '80';
+};
+
+/**
+ * Check if the request has an encrypted connection.
+ *
+ * @param {Request} req Incoming HTTP request.
+ *
+ * @return {Boolean} Whether the connection is encrypted or not.
+ *
+ * @api private
+ */
+common.hasEncryptedConnection = function(req) {
+  return Boolean(req.connection.encrypted || req.connection.pair);
 };
 
 /**
diff --git a/lib/http-proxy/passes/web-incoming.js b/lib/http-proxy/passes/web-incoming.js
index 9f5ec20e0..4070eb316 100644
--- a/lib/http-proxy/passes/web-incoming.js
+++ b/lib/http-proxy/passes/web-incoming.js
@@ -64,7 +64,7 @@ web_o = Object.keys(web_o).map(function(pass) {
   function XHeaders(req, res, options) {
     if(!options.xfwd) return;
 
-    var encrypted = req.isSpdy || req.connection.encrypted || req.connection.pair;
+    var encrypted = req.isSpdy || common.hasEncryptedConnection(req);
     var values = {
       for  : req.connection.remoteAddress || req.socket.remoteAddress,
       port : common.getPort(req),
diff --git a/lib/http-proxy/passes/ws-incoming.js b/lib/http-proxy/passes/ws-incoming.js
index b72e55702..8264be669 100644
--- a/lib/http-proxy/passes/ws-incoming.js
+++ b/lib/http-proxy/passes/ws-incoming.js
@@ -57,7 +57,7 @@ var passes = exports;
     var values = {
       for  : req.connection.remoteAddress || req.socket.remoteAddress,
       port : common.getPort(req),
-      proto: req.connection.pair ? 'wss' : 'ws'
+      proto: common.hasEncryptedConnection(req) ? 'wss' : 'ws'
     };
 
     ['for', 'port', 'proto'].forEach(function(header) {