Mixed content Multisite Plugin conflicts

Hyperlinks to external urls getting replaced to https

There are two situations where a normal hyperlink to an external url could get replaced to https

Website domain is part of the external domain

When the external url is for example http://domain.com.au while the website url is http://domain.com this can happen. Really Simple SSL replaces all instances of the own website domain in the html to https. In this edge case the external url gets replaced as well: replace http://domain.com in http://domain.com.au to https, and the external link is https as well. This can be fixed by excluding this url from the mixed content fixer: https://really-simple-ssl.com/knowledge-base/exclude-url-mixed-content-fixer/.

Links to non https sites on the same multisite network

WordPress uses the home_url() function to return the URL’s in a website. This function returns an https URL when the current website is on https. This means that if you link to another site on your network, which is not https, but the current site is https,  WordPress will return a https link anyway. I’ve created a fix for this WordPress behaviour (this is incorporated in Really Simple SSL as of 2.5.0):

add_filter("set_url_scheme", "rsssl_check_protocol_multisite", 20, 3 );

function rsssl_check_protocol_multisite($url, $scheme, $orig_scheme){
    if (is_multisite()) {
    //get blog id by url.
    //make sure the domain is with http, e.g. http://domain.com
    $domain = str_replace("https://","http://",$url);
    //remove http:// from the domain. e.g. domain.com
    $domain = str_replace("http://","",$domain);
    $blog_id = get_blog_id_from_url($domain);
    // exit if no blog id was found.
    if ($blog_id==0) return $url; //no blog id found
    
    //request the blog url and return it. If it is http, the returned url will now also be http.
    $url = get_blog_option($blog_id, "siteurl");
  }
  return $url;
}

If neither of these is the case with your site, Really Simple SSL won’t be the cause in your case, as it does not replace external URL’s. In that case I would check if another plugin might be causing this.

Related Articles

3 Comments

  • Miguel Muñoz

    Thanks!

  • jorge

    I do not understand your solution. I have a webpage that was http and now that I passed it to https I do not work an iframe of a podcats because I pass the url of that podcats to https

    Is there any solution for that?

    • Rogier Lankhorst

      Your issue is not related to the topic of this article. You have a https website with an iframe: In that case the url of the iframe must be https as well: otherwise browsers will block the iframe. So you have two options: either make the iframe source available over https, or keep the page on http, in which case you can use a http iframe.

Leave a Comment