Good question, in general it shouldn’t matter. If the http entrypoint only redirects to https, there should be no real difference.
But there are potential threat scenarios where it might help to block a request on http, not redirect to https, because TLS is more CPU intensive.
On the other side, if someone really wants to bring down your service, they might always use https anyway.
We use security on https only, keep http lean, only redirect to https.