Why would it need to be secured?
To prevent injection of bonus functionality when browsing from unsecured wifi.
To protect the cookies from being swiped on, again, unsecured wifi.
Because HTTPS is just plain better.
Get a basic StartSSL cert or something for the forum.