Is work many year http and no secure login. GDPR activate 2016 and forum not work https only made by fix day ago so i think that no reason
The fact that it worked for those years is not a reason why it was the 'correct way'.
Using http was just wrong (when logged in) and the forum was at fault all those years.
There where also 2 forum-urls which made the whole thing even more confusing.
I often had a mail-notification with a http-link and was prompted to login if I wanted to reply. The login was on http and was INSECURE !!!
That's why all the urls now redirect to https and to one domain-name. Consistency.
Almost all sited on the internet redirect to their https counterparts of you visit the http.
So could someone give a good reason not to use https?
As stated, the mailreader is already fixed.
Technically, the redirection could be done only if there is no ?IWantAnInsecureSite=1 in the url, but does someone really want that (for a good reason)?