Translations:Manual:$wgSecureLogin/4/en

If true, forces users to authenticate using https when they come from http, but only if you use a protocol-relative URL in $Server (otherwise this setting is ignored).