The problem is: That simple link to a backup HTTP login or registration page can't be on a HTTPS page, or it would be as much <expletive> use as a bicycle is to a fish!
Unlike your typical social media site, this forum has to presume there is actually a somewhat functional brain in between most users' keyboards and chairs, so is it *SO* unreasonable to expect users to take a >tiny< bit of responsibility for their own security?
Anyway the current pressure towards HTTPS is *all* security theatre smoke and mirrors from the big browser companies and orgs and their advertising partners (who hate the idea that their paid for advertising could be replaced by someone else's in transit), as we are all habitually receiving HTTPS pages delivered over CDNs without guaranteed end to end security, around 75% of the world user base of the WWW as a whole, doesn't use ad-blockers (and advertising CDNs are even easier to compromise) and 99%+ happily allow Javascript to run by default on all pages they visit.
I suggest reading the link I posted, which has further links to the great EEVblog HTTPS debate of 2017. The horse isn't merely "pining for the fjords", its positively skeletal.