Manual:$wgSecureLogin

Details
If true, forces users to authenticate using https when they come from http, but only if you use a protocol-relative URL in $wgServer (otherwise this setting is ignored).

From 1.22 on, use $wgDefaultUserOptions to set  false by default if you want HTTP users to stay on HTTP after login by default.

Based on an idea by George Herbert on wikitech-l: wikitech-l/2010-October/050071.html.

Setting after 1.17
You will need to set $wgServer as following. $wgServer          = "//replacethisexample.com"; $wgSecureLogin     = true;