After enabling HTTPS, you can force all non-secure HTTP requests to get redirected to HTTPS. Unless you have a strong reason to not do this based on the specific requirements of your deployment, this is a strongly recommended feature.