have a filter do exactly what sec_read_security_info does with ForceHostP on, except you'll only want to redirect if the requested host is www.mysite.com. pretty simple change. In fact I'd just hack sec_read_security_info to check another parameter, HostsToForce (maybe you want to generalize to a list) when ForceHostP=1.