Manual:$wgSecureLogin

Details
If true, forces users to authenticate using https when they come from http, but only if you use a protocol-relative URL in   (otherwise this setting is ignored).

Note also that under certain circumstances, when serving http and https in parallel on a web server, specifying http within a browser's location and adding the   query parameter, the login page will be downgraded from https to http, even when   is set to true.

A link will then display above the username field allowing a user to choose the secure login option.

From 1.22 on, use   to set  false by default if you want HTTP users to stay on HTTP after login by default.

Based on an idea by George Herbert on wikitech-l: wikitech-l/2010-October/050071.html.

You will need to set $wgServer as following.