ThunderCats.org forum HTTPS?

There's HTTPS on the main ThunderCats.org site, but the forum opens from there in plain HTTP. Manually adding the S loads the forum in a bare-bones HTML version, to which login again defaults to non-S. (Likewise, the images on the main site do not load when visiting via HTTPS.) I'm not berating anyone, here, but this appears to be a serious lapse in security, bouncing users through an insecure login to post on the forum. Is there a reason this is set up like that? Perhaps it's costly or complicated, which I can understand being an issue for a fan site, but HTTPS is now considered pretty basic security for Internet users. Thanks.

At present, it seems that as long as I don't enable JavaScript, everything remains covered by HTTPS. I suspect that this restriction this will impede my ability to format text to my liking, but at least I'm able to access the forum.