Softaculous and Webuzo don't force HTTPS to prevent NSA and (other) MITM interceptions. This is a security related bug. HTTPS should be the default in order to prevent agencies such as the NSA, the chinese government or any type of hacker to intercept the login credentials and own the entire server through Softaculous software.