Manual:$wgSecureLogin/sd

تفصيلون
If true, forces users to authenticate using https when they come from http, but only if you use a protocol-relative URL in  (otherwise this setting is ignored).

From 1.22 on, use  to set   false by default if you want HTTP users to stay on HTTP after login by default.

Based on an idea by George Herbert on wikitech-l: wikitech-l/2010-October/050071.html.

Setting after 1.17
You will need to set $wgServer as following.