diff --git a/config/setup/tls.go b/config/setup/tls.go
index 431409f4..e9d3db7e 100644
--- a/config/setup/tls.go
+++ b/config/setup/tls.go
@@ -2,6 +2,7 @@ package setup
 
 import (
 	"crypto/tls"
+	"log"
 	"strings"
 
 	"github.com/mholt/caddy/middleware"
@@ -10,6 +11,12 @@ import (
 func TLS(c *Controller) (middleware.Middleware, error) {
 	c.TLS.Enabled = true
 
+	if c.Port == "http" {
+		c.TLS.Enabled = false
+		log.Printf("Warning: TLS disabled for %s://%s. To force TLS over the plaintext HTTP port, "+
+			"specify port 80 explicitly (https://%s:80).", c.Port, c.Host, c.Host)
+	}
+
 	for c.Next() {
 		if !c.NextArg() {
 			return nil, c.ArgErr()