These days, it has become “normal practice” for web sites to be https. (My web browser presently says “Not Secure” on the title bar.)
Thanks to letsencrypt.org, this now costs nothing, and a web-hosting service that I commonly use has now made the entire process of securing a site and of periodically renewing the certificate something that you literally do by clicking a checkbox. I daresay that your host has done the same by now. This forum should now switch to “https” for its site.