in reply to Safely Transferring Information on the Internet

Yes and no. https will only encrypt the transmission between the webserver and the browser for you. It won't prevent anyone from getting into your site.

I think your first thought should be, how important is the data you have. For example, if you're storing confidential client data, you want to secure it. If it's just a plain bulletin board with non-secret information, why bother with https?

As I said, https will only send html via an encrypted channel between the server and browser. https does not include a method for you to authenticate against the webserver, unless you want to issue certificates to all users (or you're VERY paranoid).

In my opinion, you could set up a Perl CGI script to accept the user and password, authenticate the user, and once authenticated, keep the session alive by passing a unique variable around all your forms, or by placing a cookie on the browser. There are many ways around this.

If security is your focus, don't just focus on https. Yes, https is important, but you also have to secure your database (if you have one), tie down any loose ends with your OS (e.g. can an anonymous user connect to your box and get /etc/passwd?).

Play around with Perl CGIs. They're a lot of fun, and they work on both Unix and Windoze boxes with either IIS or Apache.

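The cookie approach mentioned in the post above, as an added example that is not part of the original post: after the password check succeeds, the script issues an HMAC-signed, expiring token and verifies it on every later request. The secret, the lifetime, the cookie name `session` and all helper names are assumptions, and the password check itself is left out.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Assumption: the real secret is loaded from a file only the CGI user can read.
# Constructed placeholder value for the demo.
my $SECRET = 'replace-with-32-random-bytes-from-a-protected-file';
my $TTL    = 15 * 60;    # session lifetime in seconds

# Build the cookie value once the password check (not shown) has succeeded.
sub issue_token {
    my ($user, $now) = @_;
    my $expires = $now + $TTL;
    my $payload = "$user:$expires";
    return "$payload:" . hmac_sha256_hex($payload, $SECRET);
}

# Constant-time string comparison so response timing does not leak the MAC.
sub ct_eq {
    my ($x, $y) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Return the user name for a well-formed, untampered, unexpired token, else undef.
sub check_token {
    my ($token, $now) = @_;
    my ($user, $expires, $mac) = ($token // '') =~ /\A([A-Za-z0-9_]{1,32}):(\d{1,12}):([0-9a-f]{64})\z/
        or return;
    return unless ct_eq($mac, hmac_sha256_hex("$user:$expires", $SECRET));
    return $expires > $now ? $user : undef;
}

# Header the CGI prints on login; Secure keeps the cookie off plain http.
sub cookie_header {
    my ($token) = @_;
    return "Set-Cookie: session=$token; Path=/; Secure; HttpOnly; SameSite=Strict\r\n";
}

# Constructed demo: a fresh token, the same token after expiry, and a tampered one.
my $now   = time;
my $token = issue_token('alice', $now);
print cookie_header($token);
printf "valid now:    %s\n", check_token($token, $now) // 'rejected';
printf "after expiry: %s\n", check_token($token, $now + $TTL + 1) // 'rejected';
(my $forged = $token) =~ s/^alice/admin/;
printf "forged user:  %s\n", check_token($forged, $now) // 'rejected';
```

Because the token is verified from the secret alone, it suits CGI, where each request runs in a fresh process; the trade-off is that a token cannot be revoked before it expires without adding server-side state.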