Please enable HSTS to avoid sslstrip or a MITM replacing the http page.
Added.
Thanks for adding, it was working fine but it seems that there is not working right now.
Inspecting with
http://web-sniffer.net/ you can see that no "strict-transport-security:" is set when you type
https://blockchain.info.