Adjust auto_https explanation

Francis Lavoie 2023-11-14 03:03:35 -05:00
parent b532efe482
commit 5e3371d1a0
No known key found for this signature in database
GPG key ID: 0F66EE1687682239

@ -177,7 +177,7 @@ The default bind address(es) to be used for all sites, if the [`bind` directive]
<aside class="tip">
Keep in mind that this will only apply to servers which are generated by the Caddyfile; this means that the HTTP server created by [Automatic HTTPS](/docs/automatic-https) for HTTP->HTTPS redirects will not inherit these bind addresses. To work around this, make sure to declare an `http://` site (it can be empty, with no directives) so that it exists when the Caddyfile is adapted, to receive the bind addresses.
Keep in mind that this will only apply to servers which are generated by the Caddyfile; this means that the HTTP server created by [Automatic HTTPS](/docs/automatic-https) for HTTP-to-HTTPS redirects will not inherit these bind addresses. To work around this, make sure to declare an `http://` site (it can be empty, with no directives) so that it exists when the Caddyfile is adapted, to receive the bind addresses.
</aside>
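Review bot: The tip says the Automatic HTTPS redirect server "will not inherit these bind addresses" but never states which address that server listens on instead, and the rewording to "HTTP-to-HTTPS redirects" leaves that gap in place. Readers who set this option to keep Caddy off an interface need that consequence spelled out. Suggest naming the address the redirect server falls back to, and moving the workaround ("declare an `http://` site ...") into its own sentence so the trailing "to receive the bind addresses" no longer dangles.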
@ -275,14 +275,25 @@ handle /health-check {
## TLS Options
##### `auto_https`
Configure automatic HTTPS. There are a few modes to choose from:
Configures [Automatic HTTPS](/docs/automatic-https), which is the feature that enables Caddy to automate certificate management and HTTP-to-HTTPS redirects for your sites.
There are a few modes to choose from:
- `off`: Disables both certificate automation and HTTP-to-HTTPS redirects.
- `off`: Disabled entirely. No certificate management or redirects.
- `disable_redirects`: Disable only HTTP-to-HTTPS redirects.
- `disable_certs`: Disable only certificate automation.
- `ignore_loaded_certs`: Automate certificates even for names which appear on manually-loaded certificates
See the [Automatic HTTPS](/docs/automatic-https) page for more details.
- `disable_certs`: Disable only certificate automation.
- `ignore_loaded_certs`: Automate certificates even for names which appear on manually-loaded certificates. Useful if you specified a certificate using the [`tls` directive](/docs/caddyfile/directives/tls) which contains names (or wildcards) that you instead want to be managed automatically.
<aside class="tip">
This option does not affect Caddy's default protocol, which is always HTTPS, when a site address has a valid domain name. This means that `auto_https off` will not cause your site to be served over HTTP, it will only disable automatic certificate management and redirects.
This means that if you wish to serve your site over HTTP, you should change your [site address](/docs/caddyfile/concepts#addresses) to be prefixed with `http://` or suffixed with `:80`.
</aside>
##### `email`
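Review bot: The mode list mixes verb forms: the `off` item reading "Disables both certificate automation and HTTP-to-HTTPS redirects." is third person while `disable_redirects` and `disable_certs` stay imperative ("Disable only ..."), so pick one form for all four items. In the tip, "will not cause your site to be served over HTTP, it will only disable ..." is a comma splice, and the following sentence repeats "This means that"; something like "... served over HTTP; it only disables automatic certificate management and redirects. To serve your site over HTTP, change your site address ..." reads cleaner. Since the tip establishes that the site stays on HTTPS under `auto_https off`, consider also saying where the certificate is then expected to come from, for example the `tls` directive already linked in the `ignore_loaded_certs` item.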
@ -463,7 +474,7 @@ Allows configuring [listener wrappers](/docs/json/apps/http/servers/listener_wra
There is a special no-op [`tls`](/docs/json/apps/http/servers/listener_wrappers/tls/) listener wrapper provided as a standard module which marks where TLS should be handled in the chain of listener wrappers. It should only be used if another listener wrapper must be placed in front of the TLS handshake.
The standard distribution of Caddy includes the [`http_redirect`](/docs/json/apps/http/servers/listener_wrappers/http_redirect/) listener wrapper, which can look at the first few bytes of an incoming request to determine if it's likely HTTP (instead of TLS), and trigger an HTTP->HTTPS redirect on the same port but using the `https://` scheme. It must be placed _before_ the `tls` listener wrapper. For example:
The standard distribution of Caddy includes the [`http_redirect`](/docs/json/apps/http/servers/listener_wrappers/http_redirect/) listener wrapper, which can look at the first few bytes of an incoming request to determine if it's likely HTTP (instead of TLS), and trigger an HTTP-to-HTTPS redirect on the same port but using the `https://` scheme. It must be placed _before_ the `tls` listener wrapper. For example:
```caddy-d
listener_wrappers {