I just enabled https for both frontend and backend (even -dev instances). Right now it is self-signed certificate. Certificate signed by some known CA is on the way.
My next plan is to enable https as default url in copr-cli and in baseurl of repo file.
Please report if you experience some problems.