Force subsite to be created with HTTP

The main site is installed with HTTPS, each subsite created with Pro Site is created with HTTPS as well. Please advise how to force these sites to be created with HTTP.

There are few subsites that need to remain with HTTPS protocol

  • Predrag Dubajic

    Hey tedwalid,

    Hope you're doing well :slight_smile:

    We have forwarded this to our devs to check it out but they would need FTP or cPanel in order to check this out in depth.

    You can send us your details using our contact form https://premium.wpmudev.org/contact/#i-have-a-different-question and the template below:

    Subject: "Attn: Predrag Dubajic"
    - Site login url
    - WordPress admin username
    - WordPress admin password
    - FTP credentials (host/username/password)
    - cPanel credentials (host/username/password)
    - Link back to this thread for reference
    - Any other relevant urls

    Best regards,
    Predrag

  • Lindeni Mahlalela

    Hello tedwalid

    I hope you are doing great today.

    I have prepared the following code snippet you can use to force newly created blogs/sites to use http instead of https. The main part here is that you can hook to WordPress' activate_blog action and update the siteurl and home url of the newly created blog to use http instead of https. The following code can be used as an mu-plugin or placed in your theme's functions.php file:

    add_action("activate_blog", "force_http_for_new_signups",10,1);
    function force_http_for_new_signups( $blog_id ){
    	switch_to_blog( $blog_id );
    	$home = str_replace("https://", "http://", get_option( "home" ) );
    	$siteurl = str_replace("https://", "http://", get_option( "siteurl" ) );
    
    	update_option( "home", $home );
    	update_option( "siteurl", $siteurl );
    
    	restore_current_blog();
    }

    What this code will do is to listen to WordPress' activate_blog action, once a blog is activated the code will get the current url for that blog and change "https://" to "http://" and then that blog should then use the http protocol afterwards. Please note that this code will update the url in the database and if there are any rules that force https then this code may fail so test thoroughly to see what happens.

    You can place the code above in your theme's functions.php file or create a new PHP file and paste the code as follows (including the opening php tag):

    <?php
    //paste the above code here

    Then save and upload the file to your website in the following location:

    wp-content/mu-plugins/force-http.php

    Where 'force-http.php' is the name of the file you just created.

    I hope this helps. Please let us know if you need any further assistance with regards to this and we will always be happy to help in any way possible.

    Have a nice day.
    Mahlamusa

  • Lindeni Mahlalela

    Hello tedwalid

    I hope you are doing great today. I am sorry that this is not working so far and I think I have found the reason why.

    In the code I suggested above, I have used the 'activate_blog' hook which runs when a blog is created, with Pro Sites, this runs after a payment was processed successfully. I have noticed that on your website you do not have any payment gateway active so this means the hook will never run because Pro Sites activates blogs once payment is successful.

    I have modified the code to use the 'wpmu_new_blog' hook so that the code will run as soon as the blog is created. This means the code will not depend on Pro Sites but will always run whenever a new blog is created even if it was created on the admin side.

    So, in the code above, I have changed the hook from:
    add_action("activate_blog", "force_http_for_new_signups",10,1);

    To:
    add_action('wpmu_new_blog', 'force_http_for_new_signups', 10, 6 );

    and in the function definition I have used all the parameters provided by the 'wpmu_new_blog' so that you can manipulate them to your liking. So the callback function becomes:

    force_http_for_new_signups( $blog_id, $user_id, $domain, $path, $site_id, $meta ){
            //the rest of the code is the same
    }

    I have tested this on your site, it seems to do what it has to do. Please see screen shots below:

    Site settings in multisite admin:

    After new signup:

    No green padlock:

    This seems to work well for me, I have also added some debug points in the code to see what it does and I confirmed that it was running properly and outputting the correct information. I have also checked the source code of a newly created blog and it seems to work just fine as I see the desired http protocol is used in the code instead of the https.

    I hope this helps. Please let us know if you need any further assistance and we will always be happy to help.

  • tedwalid

    Hello Mahlamusa,

    First, thanks a lot for the great work you have done !

    However, please have a look at this link https://drive.google.com/file/d/0B6-mynIsE9EWY3NGbHNCcUh6dmc/view

    The issue is still unsolved since each new blog created is http for the frontend but httpS for the admin. Please have a look at the video , I think that there might be something forcing the admin to use SSL because it starts as http then a few seconds later it become httpS and insecure.

    Thank you

  • Lindeni Mahlalela

    Hi tedwalid

    I hope you are doing great today. Thank you for the feedback and thank you for your patience.

    I think I have found the issue in Domain Mapping settings, I haven't changed it yet but I think if you change it it should work properly now. Please go to your WordPress dashboard in the "Settings > Domain Mapping" (Réglages > Mappage de nom de domaine) and change the option for:

    do you want to force https in the logon and admin pages: (Voulez-vous forcer la https dans les pages d'ouverture de session et d'administration:slight_smile:, change it to No (Non) as in the screen shot below:

    Once you save those changes it should work fine now. Please remember to keep the mu-plugin to continue to update the URLs for the front end as well.

    I hope this helps. Please let us know if you need any further assistance.

    Have a nice day.
    Mahlamusa

  • Viktor

    My edit seems to work if you want to go full on https. I added it in wp-content -> mu-plugins and filename force-https.php ofcause with open and close PHP tags.

    add_action('wpmu_new_blog', 'force_https_for_new_signups', 10, 6 );
    function force_https_for_new_signups( $blog_id, $user_id, $domain, $path, $site_id, $meta ){
    	switch_to_blog( $blog_id );
    	$home = str_replace("http://", "https://", get_option( "home" ) );
    	$siteurl = str_replace("http://", "https://", get_option( "siteurl" ) );
    
    	update_option( "home", $home );
    	update_option( "siteurl", $siteurl );
    
    	restore_current_blog();
    }

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.