By default all DotNetNuke pages use HTTP, which means their contents are transmitted in clear-text. For certain areas, such as the login page, this is not ideal. DotNetNuke supports the option to mark a page as being secure, and requiring HTTPS to load. Further information on this configuration can be read here
Whilst this is trivial for normal pages, DotNetNuke contains a number of "virtual" pages where a specific control is loaded - to secure these takes a little extra effort.
This article by Erik Van Ballegoij details the steps to secure these pages
For sites that require the strongest level of security, you can require the site will only accept HTTPS requests.