https doesn't matter for pages that don't pass credentials over the connection.
If a website has a user login, it should be over a secure connection.
Some phpBB versions, even old ones, do have login on a separate https page. If there's a setting for such in this version, it would be good to turn it on.