@Cynna 

Hello Cynna.  I assume this references the router's UI.  It is not actually an unsecured site.  While the URL, by default, is HTTP, instead of HTTPS, its not actually a website.  It is a DNS resolution of the router's default gateway IP address.  It is also not a public-facing URL.  As it represents the router's Gateway address, a private IP, it can only be accessed by a device on the local network of the router.  Because of this there is no real reason a secure site is needed.  

That said you can enable router login via HTTPS from the router's administration settings in the Advanced menu.  

  @Cynna,

The site that I believe you are talking about is the redirect site that is used to access the WebUI, correct?

This web address and the data passing between your device and the router while connected are entirely hosted on your own network and cannot be accessed or seen from outside of your local network. Essentially, the router will look for that web address, and when a request is made with that URL, the router will connect your device directly to the UI of your router based on its current IP address. Meaning you are not connecting to a website, but rather just the interface of your router through your LOCAL network connection.

Our teams always make our user's and network's safety and security a top priority for development. Any sensitive information passed to TP-Link servers such as your login for your TP-Link ID is always encrypted and secured.